**************************** FATAL ERROR ****************************Exception

1. **************************** FATAL ERROR ****************************
2. Exception in: C:\Windows\SYSTEM32\ntdll.dll
3. Exception: EXCEPTION_ACCESS_VIOLATION
4. PC: 0x0000000053878146 ModuleOffset: 0x00000000F0DF8146
5.  
6.  
7. Module path: C:\Windows\SYSTEM32\ntdll.dll
8. PC: 0x0000000053878146 ModuleOffset: 0x00000000F0DF8146
9. RAX: 0x0000000000000000 RBX: 0x00000000ECDFDDF0 RCX: 0x00000000ECDFDCF0
10. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x0000000000000000
11. RSP: 0x00000000ECDFDC38 RIP: 0x00000000F0DF8146 RBP: 0x00000000ECDFDD40
12. R8 : 0x0000000000000000 R9 : 0x0000000000000003 R10: 0x0000000000000080
13. R11: 0x000000009DAFDCA0 R12: 0x0000000000000002 R13: 0x0000000000000000
14. R14: 0x0000000000000000 R15: 0x0000000000000003
15.  
16. Memory from 0x00000000F0DF8126
17. FF CC CC CC CC CC CC CC CC CC 45 33 C0 48 89 51
18. 08 44 89 01 48 85 D2 74 24 48 83 C8 FF 48 FF C0
19. 66 44 39 04 42 75 F6 48 3D FE 7F 00 00 77 11 48
20. 03 C0 66 89 01 66 83 C0 02 66 89 41 02 33 C0 C3
21. B8 06 01 00 C0 C3 CC CC CC CC CC CC CC CC 65 48
22.  
23. Stack Trace
24. 8: - 0x0
25.  
26. 7: - 0x0
27.  
28. 6: UnhandledExceptionFilter - 0xED5E7C70
29.  
30. 5: memset - 0xF0E8B900
31.  
32. 4: _C_specific_handler - 0xF0E75A90
33.  
34. 3: _chkstk - 0xF0E89A00
35.  
36. 2: RtlImageNtHeaderEx - 0xF0E14B30
37.  
38. 1: KiUserExceptionDispatcher - 0xF0E88BD0
39.  
40. 0: RtlInitUnicodeStringEx - 0xF0DF8130
41.  
42.  
43.  
44. ------------------------------
45. THREAD ID: 0x000015B0
46. got context
47. Module path: C:\Windows\SYSTEM32\ntdll.dll
48. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
49. RAX: 0x00000000E1DFDBA4 RBX: 0x0000000000000002 RCX: 0x0000000000000002
50. RDX: 0x00000000FFFFFFFF RDI: 0x0000000000000002 RSI: 0x0000000000000001
51. RSP: 0x00000000E1DFD5D8 RIP: 0x00000000F0E85C34 RBP: 0x0000000000000001
52. R8 : 0x0000000000000001 R9 : 0x000000009D6B38F0 R10: 0x0000000000000000
53. R11: 0x0000000000000246 R12: 0x00000000FFFFFFFF R13: 0x00000000E1DFD910
54. R14: 0x0000000000000000 R15: 0x0000000000000000
55.  
56. Memory from 0x00000000F0E85C14
57. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
58. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
59. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
60. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
61. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
62.  
63. Stack Trace
64. 0: ZwWaitForMultipleObjects 0x00000014
65. 1: WaitForMultipleObjectsEx 0x000001C9
66. 2: MsgWaitForMultipleObjectsEx 0x00000152
67. 3: CoTaskMemFree 0x00006E0D
68. 4: RoRegisterActivationFactories 0x0000033F
69. 5: CoWaitForMultipleHandles 0x000000BE
70. 6: GetMetaDataInternalInterfaceFromPublic 0x0000E81E
71.  
72.  
73.  
74. ------------------------------
75. THREAD ID: 0x00001CA8
76. got context
77. Module path: C:\Windows\SYSTEM32\ntdll.dll
78. PC: 0x00000000539087F4 ModuleOffset: 0x00000000F0E887F4
79. RAX: 0x000000000000001C RBX: 0x000000009D6655E0 RCX: 0x00000000EB80CFE4
80. RDX: 0x00000000EB800000 RDI: 0x000000009D665960 RSI: 0x0000000000000010
81. RSP: 0x00000000E21FF628 RIP: 0x00000000F0E887F4 RBP: 0x0000000000000000
82. R8 : 0x00000000E21FED80 R9 : 0x000000000000006C R10: 0x00000000E21FEF64
83. R11: 0x00000000E21FEBE0 R12: 0x0000000000000000 R13: 0x00000000F0E0E130
84. R14: 0x00000000F0DE9AF0 R15: 0x000000009D662AA0
85.  
86. Memory from 0x00000000F0E887D4
87. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
88. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
89. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
90. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
91. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
92.  
93. Stack Trace
94. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
95. 1: RtlAcquireSRWLockShared 0x00003E28
96. 2: BaseThreadInitThunk 0x00000022
97. 3: RtlUserThreadStart 0x00000034
98.  
99.  
100.  
101. ------------------------------
102. THREAD ID: 0x000020DC
103. got context
104. Module path: C:\Windows\SYSTEM32\ntdll.dll
105. PC: 0x00000000539087F4 ModuleOffset: 0x00000000F0E887F4
106. RAX: 0x0000000000000000 RBX: 0x000000009D665ED0 RCX: 0x0000000000000048
107. RDX: 0x00000000002980DB RDI: 0x000000009D666250 RSI: 0x0000000000000010
108. RSP: 0x00000000E25FF688 RIP: 0x00000000F0E887F4 RBP: 0x0000000000000000
109. R8 : 0x00000000000002DD R9 : 0x00000000000002F7 R10: 0x00000000000002C3
110. R11: 0x00000000ED43C6B8 R12: 0x0000000000000000 R13: 0x00000000F0E0E130
111. R14: 0x00000000F0DE9AF0 R15: 0x000000009D662AA0
112.  
113. Memory from 0x00000000F0E887D4
114. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
115. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
116. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
117. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
118. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
119.  
120. Stack Trace
121. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
122. 1: RtlAcquireSRWLockShared 0x00003E28
123. 2: BaseThreadInitThunk 0x00000022
124. 3: RtlUserThreadStart 0x00000034
125.  
126.  
127.  
128. ------------------------------
129. THREAD ID: 0x000020F4
130. got context
131. Module path: C:\Windows\SYSTEM32\ntdll.dll
132. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
133. RAX: 0x0000000000000000 RBX: 0x0000000000000003 RCX: 0x00000000DFCBD820
134. RDX: 0x0000000000000000 RDI: 0x0000000000000003 RSI: 0x0000000000000000
135. RSP: 0x00000000E29FF8E8 RIP: 0x00000000F0E85C34 RBP: 0x00000000E29FFC49
136. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
137. R11: 0x0000000000000000 R12: 0x00000000FFFFFFFF R13: 0x00000000E29FFC50
138. R14: 0x0000000000000000 R15: 0x0000000000000000
139.  
140. Memory from 0x00000000F0E85C14
141. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
142. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
143. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
144. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
145. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
146.  
147. Stack Trace
148. 0: ZwWaitForMultipleObjects 0x00000014
149. 1: WaitForMultipleObjectsEx 0x000000EF
150. 2: InitializeFusion 0x00004832
151. 3: InitializeFusion 0x0000475D
152. 4: InitializeFusion 0x00004670
153. 5: BaseThreadInitThunk 0x00000022
154. 6: RtlUserThreadStart 0x00000034
155.  
156.  
157.  
158. ------------------------------
159. THREAD ID: 0x00001EAC
160. got context
161. Module path: C:\Windows\SYSTEM32\ntdll.dll
162. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
163. RAX: 0x00000000ED7CE600 RBX: 0x0000000000000000 RCX: 0x00000000ED780000
164. RDX: 0x00000000ED7CE600 RDI: 0x00000000000001A8 RSI: 0x00000000000007D0
165. RSP: 0x00000000E2DFF288 RIP: 0x00000000F0E85164 RBP: 0x000000009D6DC680
166. R8 : 0x0000000000000040 R9 : 0x0000000000000042 R10: 0x000000000000003F
167. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x0000000000000000
168. R14: 0x00000000E2DFF2B8 R15: 0x0000000000000000
169.  
170. Memory from 0x00000000F0E85144
171. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
172. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
173. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
174. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
175. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
176.  
177. Stack Trace
178. 0: NtWaitForSingleObject 0x00000014
179. 1: WaitForSingleObjectEx 0x0000008F
180. 2: GetMetaDataPublicInterfaceFromInternal 0x00008D67
181. 3: GetMetaDataPublicInterfaceFromInternal 0x00008D1F
182. 4: GetMetaDataPublicInterfaceFromInternal 0x00008CE0
183. 5: GetMetaDataPublicInterfaceFromInternal 0x0004888C
184. 6: GetMetaDataPublicInterfaceFromInternal 0x000354A4
185. 7: DllCanUnloadNowInternal 0x000019A9
186. 8: DllCanUnloadNowInternal 0x00001924
187. 9: DllCanUnloadNowInternal 0x00001862
188. 10: GetCLRFunction 0x000007EA
189. 11: InstallCustomModule 0x00001C7F
190. 12: BaseThreadInitThunk 0x00000022
191. 13: RtlUserThreadStart 0x00000034
192.  
193.  
194.  
195. ------------------------------
196. THREAD ID: 0x0000219C
197. got context
198. Module path: C:\Windows\SYSTEM32\ntdll.dll
199. PC: 0x00000000539087F4 ModuleOffset: 0x00000000F0E887F4
200. RAX: 0x0000000000000001 RBX: 0x000000009D71E810 RCX: 0x000000009D70A560
201. RDX: 0x0000000000000000 RDI: 0x000000009D71EB90 RSI: 0x0000000000000010
202. RSP: 0x00000000E31FFA88 RIP: 0x00000000F0E887F4 RBP: 0x0000000000000000
203. R8 : 0x0000000000000000 R9 : 0x00000000F0DE9200 R10: 0x000000009D70A580
204. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x00000000F0E0E130
205. R14: 0x00000000F0DE9AF0 R15: 0x000000009D662AA0
206.  
207. Memory from 0x00000000F0E887D4
208. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
209. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
210. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
211. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
212. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
213.  
214. Stack Trace
215. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
216. 1: RtlAcquireSRWLockShared 0x00003E28
217. 2: BaseThreadInitThunk 0x00000022
218. 3: RtlUserThreadStart 0x00000034
219.  
220.  
221.  
222. ------------------------------
223. THREAD ID: 0x00002924
224. got context
225. Module path: C:\Windows\SYSTEM32\ntdll.dll
226. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
227. RAX: 0x0000000000000102 RBX: 0x0000000000000000 RCX: 0x00000000F0E85164
228. RDX: 0x0000000000000000 RDI: 0x00000000000003F4 RSI: 0x0000000000000064
229. RSP: 0x00000000E45FF988 RIP: 0x00000000F0E85164 RBP: 0x0000000000000064
230. R8 : 0x00000000E45FF988 R9 : 0x0000000000000064 R10: 0x0000000000000000
231. R11: 0x0000000000000246 R12: 0x0000000000000000 R13: 0x0000000066F8B560
232. R14: 0x00000000E45FF9B8 R15: 0x0000000000000000
233.  
234. Memory from 0x00000000F0E85144
235. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
236. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
237. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
238. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
239. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
240.  
241. Stack Trace
242. 0: NtWaitForSingleObject 0x00000014
243. 1: WaitForSingleObjectEx 0x0000008F
244. 2: DrvValidateVersion 0x00009E7A
245. 5: DrvValidateVersion 0x0000AA8B
246. 6: BaseThreadInitThunk 0x00000022
247. 7: RtlUserThreadStart 0x00000034
248.  
249.  
250.  
251. ------------------------------
252. THREAD ID: 0x0000042C
253. got context
254. Module path: C:\Windows\SYSTEM32\ntdll.dll
255. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
256. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000B593A09C
257. RDX: 0x00000000B7D434D0 RDI: 0x0000000000000428 RSI: 0x00000000FFFFFFFF
258. RSP: 0x00000000E4DFFD58 RIP: 0x00000000F0E85164 RBP: 0x00000000B891CF38
259. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
260. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x0000000000000000
261. R14: 0x0000000000000000 R15: 0x0000000000000000
262.  
263. Memory from 0x00000000F0E85144
264. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
265. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
266. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
267. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
268. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
269.  
270. Stack Trace
271. 0: NtWaitForSingleObject 0x00000014
272. 1: WaitForSingleObjectEx 0x0000008F
273. 2: glIsTextureEXT 0x0022990A
274. 3: glIsTextureEXT 0x0022B2C0
275. 4: glIsTextureEXT 0x00229756
276. 5: wglRealizeLayerPalette 0x00B1A333
277. 6: wglRealizeLayerPalette 0x00B1A57E
278. 7: BaseThreadInitThunk 0x00000022
279. 8: RtlUserThreadStart 0x00000034
280.  
281.  
282.  
283. ------------------------------
284. THREAD ID: 0x00002958
285. got context
286. Module path: C:\Windows\SYSTEM32\ntdll.dll
287. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
288. RAX: 0x00000000B5E7B590 RBX: 0x0000000000000000 RCX: 0x00000000B5C93760
289. RDX: 0x000000000000006C RDI: 0x000000000000043C RSI: 0x00000000FFFFFFFF
290. RSP: 0x00000000E51FF5A8 RIP: 0x00000000F0E85164 RBP: 0x00000000B891D0C8
291. R8 : 0x00000000FFFFFFFF R9 : 0x00000000B49D0000 R10: 0x0000000000000000
292. R11: 0x0000000000000200 R12: 0x0000000000000000 R13: 0x0000000000000000
293. R14: 0x0000000000000000 R15: 0x0000000000000000
294.  
295. Memory from 0x00000000F0E85144
296. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
297. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
298. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
299. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
300. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
301.  
302. Stack Trace
303. 0: NtWaitForSingleObject 0x00000014
304. 1: WaitForSingleObjectEx 0x0000008F
305. 2: glIsTextureEXT 0x0022990A
306. 3: glIsTextureEXT 0x0022B2C0
307. 4: glIsTextureEXT 0x00229756
308. 5: wglRealizeLayerPalette 0x00B1A333
309. 6: wglRealizeLayerPalette 0x00B1A57E
310. 7: BaseThreadInitThunk 0x00000022
311. 8: RtlUserThreadStart 0x00000034
312.  
313.  
314.  
315. ------------------------------
316. THREAD ID: 0x00001AEC
317. got context
318. Module path: C:\Windows\SYSTEM32\ntdll.dll
319. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
320. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000B593A09C
321. RDX: 0x00000000B7D414E0 RDI: 0x0000000000000450 RSI: 0x00000000FFFFFFFF
322. RSP: 0x00000000E55FF748 RIP: 0x00000000F0E85164 RBP: 0x00000000B891D258
323. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
324. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x0000000000000000
325. R14: 0x0000000000000000 R15: 0x0000000000000000
326.  
327. Memory from 0x00000000F0E85144
328. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
329. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
330. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
331. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
332. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
333.  
334. Stack Trace
335. 0: NtWaitForSingleObject 0x00000014
336. 1: WaitForSingleObjectEx 0x0000008F
337. 2: glIsTextureEXT 0x0022990A
338. 3: glIsTextureEXT 0x0022B2C0
339. 4: glIsTextureEXT 0x00229756
340. 5: wglRealizeLayerPalette 0x00B1A333
341. 6: wglRealizeLayerPalette 0x00B1A57E
342. 7: BaseThreadInitThunk 0x00000022
343. 8: RtlUserThreadStart 0x00000034
344.  
345.  
346.  
347. ------------------------------
348. THREAD ID: 0x00001E54
349. got context
350. Module path: C:\Windows\SYSTEM32\ntdll.dll
351. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
352. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000B593A09C
353. RDX: 0x00000000B7D41E00 RDI: 0x0000000000000464 RSI: 0x00000000FFFFFFFF
354. RSP: 0x00000000E59FF8D8 RIP: 0x00000000F0E85164 RBP: 0x00000000B891D3E8
355. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
356. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x0000000000000000
357. R14: 0x0000000000000000 R15: 0x0000000000000000
358.  
359. Memory from 0x00000000F0E85144
360. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
361. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
362. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
363. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
364. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
365.  
366. Stack Trace
367. 0: NtWaitForSingleObject 0x00000014
368. 1: WaitForSingleObjectEx 0x0000008F
369. 2: glIsTextureEXT 0x0022990A
370. 3: glIsTextureEXT 0x0022B2C0
371. 4: glIsTextureEXT 0x00229756
372. 5: wglRealizeLayerPalette 0x00B1A333
373. 6: wglRealizeLayerPalette 0x00B1A57E
374. 7: BaseThreadInitThunk 0x00000022
375. 8: RtlUserThreadStart 0x00000034
376.  
377.  
378.  
379. ------------------------------
380. THREAD ID: 0x00000944
381. got context
382. Module path: C:\Windows\SYSTEM32\ntdll.dll
383. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
384. RAX: 0x0000000000180000 RBX: 0x0000000000000001 RCX: 0x0000000000000014
385. RDX: 0x0000000000000106 RDI: 0x000000000000053C RSI: 0x00000000FFFFFFFF
386. RSP: 0x00000000E5DFFDC8 RIP: 0x00000000F0E85164 RBP: 0x0000000000000000
387. R8 : 0x0000000000000001 R9 : 0x00000000B8810000 R10: 0x0000000000000000
388. R11: 0x000000009D660150 R12: 0x0000000000000000 R13: 0x0000000000000000
389. R14: 0x0000000000000000 R15: 0x0000000000000000
390.  
391. Memory from 0x00000000F0E85144
392. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
393. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
394. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
395. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
396. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
397.  
398. Stack Trace
399. 0: NtWaitForSingleObject 0x00000014
400. 1: WaitForSingleObjectEx 0x0000008F
401. 2: RasSignalMonitorThreadExit 0x00000316
402. 3: BaseThreadInitThunk 0x00000022
403. 4: RtlUserThreadStart 0x00000034
404.  
405.  
406.  
407. ------------------------------
408. THREAD ID: 0x00001D8C
409. got context
410. Module path: C:\Windows\SYSTEM32\ntdll.dll
411. PC: 0x0000000053905764 ModuleOffset: 0x00000000F0E85764
412. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000000000000
413. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x0000000000007530
414. RSP: 0x00000000E61FF508 RIP: 0x00000000F0E85764 RBP: 0x0000000000000000
415. R8 : 0x00000000E61FF2C8 R9 : 0x00000000000005D4 R10: 0x00000000000005D0
416. R11: 0x0000000000000246 R12: 0x0000000000000000 R13: 0x00000000F0E0E130
417. R14: 0x00000000E61FF530 R15: 0x000000009D663C70
418.  
419. Memory from 0x00000000F0E85744
420. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
421. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
422. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
423. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
424. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
425.  
426. Stack Trace
427. 0: ZwDelayExecution 0x00000014
428. 1: SleepEx 0x000000A7
429. 2: WinHttpTimeToSystemTime 0x00008586
430. 3: WinHttpTimeToSystemTime 0x00008489
431. 4: TpAllocWait 0x00000305
432. 5: RtlAcquireSRWLockShared 0x0000453E
433. 6: BaseThreadInitThunk 0x00000022
434. 7: RtlUserThreadStart 0x00000034
435.  
436.  
437.  
438. ------------------------------
439. THREAD ID: 0x00002058
440. got context
441. Module path: C:\Windows\SYSTEM32\ntdll.dll
442. PC: 0x00000000539087F4 ModuleOffset: 0x00000000F0E887F4
443. RAX: 0x000000000000002E RBX: 0x00000000B8992D20 RCX: 0x00000000B0CDCF0A
444. RDX: 0x00000000B8BCF0A0 RDI: 0x00000000B89930A0 RSI: 0x0000000000000010
445. RSP: 0x00000000E65FF7F8 RIP: 0x00000000F0E887F4 RBP: 0x0000000000000000
446. R8 : 0x00000000B8BD0EA0 R9 : 0x00000000816972F1 R10: 0x000000009D820000
447. R11: 0x0000000000000B13 R12: 0x0000000000000000 R13: 0x00000000F0E0E130
448. R14: 0x00000000F0DE9AF0 R15: 0x000000009D663C70
449.  
450. Memory from 0x00000000F0E887D4
451. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
452. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
453. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
454. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
455. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
456.  
457. Stack Trace
458. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
459. 1: RtlAcquireSRWLockShared 0x00003E28
460. 2: BaseThreadInitThunk 0x00000022
461. 3: RtlUserThreadStart 0x00000034
462.  
463.  
464.  
465. ------------------------------
466. THREAD ID: 0x00001404
467. got context
468. Module path: C:\Windows\SYSTEM32\ntdll.dll
469. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
470. RAX: 0x00000000E18AB758 RBX: 0x0000000000000001 RCX: 0x00000000B8964580
471. RDX: 0x00000000F0D20C70 RDI: 0x0000000000000001 RSI: 0x0000000000000000
472. RSP: 0x00000000E69FF268 RIP: 0x00000000F0E85C34 RBP: 0x00000000000005E0
473. R8 : 0x0000000000000097 R9 : 0x0000000000000000 R10: 0x0000000000000000
474. R11: 0x00000000B8989D60 R12: 0x00000000FFFFFFFF R13: 0x00000000E69FF5C0
475. R14: 0x0000000000000000 R15: 0x0000000000000000
476.  
477. Memory from 0x00000000F0E85C14
478. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
479. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
480. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
481. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
482. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
483.  
484. Stack Trace
485. 0: ZwWaitForMultipleObjects 0x00000014
486. 1: WaitForMultipleObjectsEx 0x000000EF
487. 2: RoGetActivationFactory 0x0000FE0F
488. 3: InternalReleaseMarshalObjRef 0x00000BD8
489. 4: RoGetActivationFactory 0x0000FCD7
490. 5: InternalReleaseMarshalObjRef 0x000014CC
491. 6: BaseThreadInitThunk 0x00000022
492. 7: RtlUserThreadStart 0x00000034
493.  
494.  
495.  
496. ------------------------------
497. THREAD ID: 0x000022B8
498. got context
499. Module path: C:\Windows\SYSTEM32\ntdll.dll
500. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
501. RAX: 0x00000000000000C0 RBX: 0x0000000000000002 RCX: 0x0000000000000000
502. RDX: 0x0000000000000000 RDI: 0x0000000000000002 RSI: 0x0000000000000001
503. RSP: 0x00000000E17BFB88 RIP: 0x00000000F0E85C34 RBP: 0x0000000000000000
504. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
505. R11: 0x0000000000000000 R12: 0x00000000FFFFFFFF R13: 0x00000000B896E298
506. R14: 0x0000000000000000 R15: 0x0000000000000000
507.  
508. Memory from 0x00000000F0E85C14
509. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
510. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
511. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
512. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
513. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
514.  
515. Stack Trace
516. 0: ZwWaitForMultipleObjects 0x00000014
517. 1: WaitForMultipleObjectsEx 0x000000EF
518. 2: CreateAssemblyNameObject 0x00057D94
519. 3: BaseThreadInitThunk 0x00000022
520. 4: RtlUserThreadStart 0x00000034
521.  
522.  
523.  
524. ------------------------------
525. THREAD ID: 0x00002928
526. got context
527. Module path: C:\Windows\SYSTEM32\ntdll.dll
528. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
529. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000440
530. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
531. RSP: 0x00000000E6DFE7B8 RIP: 0x00000000F0E85C34 RBP: 0x00000000E6DFEBC9
532. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
533. R11: 0x00000000A049ACC0 R12: 0x00000000FFFFFFFF R13: 0x00000000E6DFED10
534. R14: 0x0000000000000000 R15: 0x0000000000000001
535.  
536. Memory from 0x00000000F0E85C14
537. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
538. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
539. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
540. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
541. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
542.  
543. Stack Trace
544. 0: ZwWaitForMultipleObjects 0x00000014
545. 1: WaitForMultipleObjectsEx 0x000000EF
546. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
547. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
548. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
549. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
550. 13: DllCanUnloadNowInternal 0x00000BE3
551. 14: DllCanUnloadNowInternal 0x00000AA3
552. 15: DllCanUnloadNowInternal 0x000012F5
553. 16: GetPrivateContextsPerfCounters 0x00007B79
554. 17: DllCanUnloadNowInternal 0x000019A9
555. 18: DllCanUnloadNowInternal 0x00001924
556. 19: DllCanUnloadNowInternal 0x00001862
557. 20: DllCanUnloadNowInternal 0x000019E3
558. 21: GetPrivateContextsPerfCounters 0x00007A5B
559. 22: InstallCustomModule 0x00001C7F
560. 23: BaseThreadInitThunk 0x00000022
561. 24: RtlUserThreadStart 0x00000034
562.  
563.  
564.  
565. ------------------------------
566. THREAD ID: 0x00002A14
567. got context
568. Module path: C:\Windows\SYSTEM32\ntdll.dll
569. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
570. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000FE0
571. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
572. RSP: 0x00000000E71FE818 RIP: 0x00000000F0E85C34 RBP: 0x00000000E71FEC29
573. R8 : 0x0000000000001990 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
574. R11: 0x00000000A04B5650 R12: 0x00000000FFFFFFFF R13: 0x00000000E71FED70
575. R14: 0x0000000000000000 R15: 0x0000000000000001
576.  
577. Memory from 0x00000000F0E85C14
578. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
579. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
580. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
581. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
582. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
583.  
584. Stack Trace
585. 0: ZwWaitForMultipleObjects 0x00000014
586. 1: WaitForMultipleObjectsEx 0x000000EF
587. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
588. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
589. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
590. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
591. 13: DllCanUnloadNowInternal 0x00000BE3
592. 14: DllCanUnloadNowInternal 0x00000AA3
593. 15: DllCanUnloadNowInternal 0x000012F5
594. 16: GetPrivateContextsPerfCounters 0x00007B79
595. 17: DllCanUnloadNowInternal 0x000019A9
596. 18: DllCanUnloadNowInternal 0x00001924
597. 19: DllCanUnloadNowInternal 0x00001862
598. 20: DllCanUnloadNowInternal 0x000019E3
599. 21: GetPrivateContextsPerfCounters 0x00007A5B
600. 22: InstallCustomModule 0x00001C7F
601. 23: BaseThreadInitThunk 0x00000022
602. 24: RtlUserThreadStart 0x00000034
603.  
604.  
605.  
606. ------------------------------
607. THREAD ID: 0x00001008
608. got context
609. Module path: C:\Windows\SYSTEM32\ntdll.dll
610. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
611. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000C98
612. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
613. RSP: 0x00000000E75FEC68 RIP: 0x00000000F0E85C34 RBP: 0x00000000E75FF079
614. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
615. R11: 0x00000000A04AAC98 R12: 0x00000000FFFFFFFF R13: 0x00000000E75FF1C0
616. R14: 0x0000000000000000 R15: 0x0000000000000001
617.  
618. Memory from 0x00000000F0E85C14
619. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
620. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
621. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
622. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
623. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
624.  
625. Stack Trace
626. 0: ZwWaitForMultipleObjects 0x00000014
627. 1: WaitForMultipleObjectsEx 0x000000EF
628. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
629. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
630. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
631. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
632. 13: DllCanUnloadNowInternal 0x00000BE3
633. 14: DllCanUnloadNowInternal 0x00000AA3
634. 15: DllCanUnloadNowInternal 0x000012F5
635. 16: GetPrivateContextsPerfCounters 0x00007B79
636. 17: DllCanUnloadNowInternal 0x000019A9
637. 18: DllCanUnloadNowInternal 0x00001924
638. 19: DllCanUnloadNowInternal 0x00001862
639. 20: DllCanUnloadNowInternal 0x000019E3
640. 21: GetPrivateContextsPerfCounters 0x00007A5B
641. 22: InstallCustomModule 0x00001C7F
642. 23: BaseThreadInitThunk 0x00000022
643. 24: RtlUserThreadStart 0x00000034
644.  
645.  
646.  
647. ------------------------------
648. THREAD ID: 0x000015BC
649. got context
650. Module path: C:\Windows\SYSTEM32\ntdll.dll
651. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
652. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000E20
653. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
654. RSP: 0x00000000E79FE748 RIP: 0x00000000F0E85C34 RBP: 0x00000000E79FEB59
655. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
656. R11: 0x00000000A053BE20 R12: 0x00000000FFFFFFFF R13: 0x00000000E79FECA0
657. R14: 0x0000000000000000 R15: 0x0000000000000001
658.  
659. Memory from 0x00000000F0E85C14
660. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
661. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
662. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
663. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
664. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
665.  
666. Stack Trace
667. 0: ZwWaitForMultipleObjects 0x00000014
668. 1: WaitForMultipleObjectsEx 0x000000EF
669. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
670. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
671. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
672. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
673. 13: DllCanUnloadNowInternal 0x00000BE3
674. 14: DllCanUnloadNowInternal 0x00000AA3
675. 15: DllCanUnloadNowInternal 0x000012F5
676. 16: GetPrivateContextsPerfCounters 0x00007B79
677. 17: DllCanUnloadNowInternal 0x000019A9
678. 18: DllCanUnloadNowInternal 0x00001924
679. 19: DllCanUnloadNowInternal 0x00001862
680. 20: DllCanUnloadNowInternal 0x000019E3
681. 21: GetPrivateContextsPerfCounters 0x00007A5B
682. 22: InstallCustomModule 0x00001C7F
683. 23: BaseThreadInitThunk 0x00000022
684. 24: RtlUserThreadStart 0x00000034
685.  
686.  
687.  
688. ------------------------------
689. THREAD ID: 0x00001D4C
690. got context
691. Module path: C:\Windows\SYSTEM32\ntdll.dll
692. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
693. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000460
694. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
695. RSP: 0x00000000E7DFE898 RIP: 0x00000000F0E85C34 RBP: 0x00000000E7DFECA9
696. R8 : 0x0000000000005480 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
697. R11: 0x00000000A0510FE0 R12: 0x00000000FFFFFFFF R13: 0x00000000E7DFEDF0
698. R14: 0x0000000000000000 R15: 0x0000000000000001
699.  
700. Memory from 0x00000000F0E85C14
701. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
702. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
703. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
704. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
705. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
706.  
707. Stack Trace
708. 0: ZwWaitForMultipleObjects 0x00000014
709. 1: WaitForMultipleObjectsEx 0x000000EF
710. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
711. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
712. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
713. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
714. 13: DllCanUnloadNowInternal 0x00000BE3
715. 14: DllCanUnloadNowInternal 0x00000AA3
716. 15: DllCanUnloadNowInternal 0x000012F5
717. 16: GetPrivateContextsPerfCounters 0x00007B79
718. 17: DllCanUnloadNowInternal 0x000019A9
719. 18: DllCanUnloadNowInternal 0x00001924
720. 19: DllCanUnloadNowInternal 0x00001862
721. 20: DllCanUnloadNowInternal 0x000019E3
722. 21: GetPrivateContextsPerfCounters 0x00007A5B
723. 22: InstallCustomModule 0x00001C7F
724. 23: BaseThreadInitThunk 0x00000022
725. 24: RtlUserThreadStart 0x00000034
726.  
727.  
728.  
729. ------------------------------
730. THREAD ID: 0x00002080
731. got context
732. Module path: C:\Windows\SYSTEM32\ntdll.dll
733. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
734. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000788
735. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
736. RSP: 0x00000000E81FEB28 RIP: 0x00000000F0E85C34 RBP: 0x00000000E81FEF39
737. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
738. R11: 0x00000000A04A3788 R12: 0x00000000FFFFFFFF R13: 0x00000000E81FF080
739. R14: 0x0000000000000000 R15: 0x0000000000000001
740.  
741. Memory from 0x00000000F0E85C14
742. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
743. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
744. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
745. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
746. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
747.  
748. Stack Trace
749. 0: ZwWaitForMultipleObjects 0x00000014
750. 1: WaitForMultipleObjectsEx 0x000000EF
751. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
752. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
753. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
754. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
755. 13: DllCanUnloadNowInternal 0x00000BE3
756. 14: DllCanUnloadNowInternal 0x00000AA3
757. 15: DllCanUnloadNowInternal 0x000012F5
758. 16: GetPrivateContextsPerfCounters 0x00007B79
759. 17: DllCanUnloadNowInternal 0x000019A9
760. 18: DllCanUnloadNowInternal 0x00001924
761. 19: DllCanUnloadNowInternal 0x00001862
762. 20: DllCanUnloadNowInternal 0x000019E3
763. 21: GetPrivateContextsPerfCounters 0x00007A5B
764. 22: InstallCustomModule 0x00001C7F
765. 23: BaseThreadInitThunk 0x00000022
766. 24: RtlUserThreadStart 0x00000034
767.  
768.  
769.  
770. ------------------------------
771. THREAD ID: 0x00001AB0
772. got context
773. Module path: C:\Windows\SYSTEM32\ntdll.dll
774. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
775. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000668
776. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
777. RSP: 0x00000000E85FE308 RIP: 0x00000000F0E85C34 RBP: 0x00000000E85FE719
778. R8 : 0x0000000000005688 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
779. R11: 0x00000000A048AFE0 R12: 0x00000000FFFFFFFF R13: 0x00000000E85FE860
780. R14: 0x0000000000000000 R15: 0x0000000000000001
781.  
782. Memory from 0x00000000F0E85C14
783. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
784. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
785. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
786. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
787. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
788.  
789. Stack Trace
790. 0: ZwWaitForMultipleObjects 0x00000014
791. 1: WaitForMultipleObjectsEx 0x000000EF
792. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
793. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
794. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
795. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
796. 13: DllCanUnloadNowInternal 0x00000BE3
797. 14: DllCanUnloadNowInternal 0x00000AA3
798. 15: DllCanUnloadNowInternal 0x000012F5
799. 16: GetPrivateContextsPerfCounters 0x00007B79
800. 17: DllCanUnloadNowInternal 0x000019A9
801. 18: DllCanUnloadNowInternal 0x00001924
802. 19: DllCanUnloadNowInternal 0x00001862
803. 20: DllCanUnloadNowInternal 0x000019E3
804. 21: GetPrivateContextsPerfCounters 0x00007A5B
805. 22: InstallCustomModule 0x00001C7F
806. 23: BaseThreadInitThunk 0x00000022
807. 24: RtlUserThreadStart 0x00000034
808.  
809.  
810.  
811. ------------------------------
812. THREAD ID: 0x00000CA0
813. got context
814. Module path: C:\Windows\SYSTEM32\ntdll.dll
815. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
816. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000678
817. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
818. RSP: 0x00000000E89FE728 RIP: 0x00000000F0E85C34 RBP: 0x00000000E89FEB39
819. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
820. R11: 0x00000000A0534678 R12: 0x00000000FFFFFFFF R13: 0x00000000E89FEC80
821. R14: 0x0000000000000000 R15: 0x0000000000000001
822.  
823. Memory from 0x00000000F0E85C14
824. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
825. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
826. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
827. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
828. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
829.  
830. Stack Trace
831. 0: ZwWaitForMultipleObjects 0x00000014
832. 1: WaitForMultipleObjectsEx 0x000000EF
833. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
834. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
835. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
836. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
837. 13: DllCanUnloadNowInternal 0x00000BE3
838. 14: DllCanUnloadNowInternal 0x00000AA3
839. 15: DllCanUnloadNowInternal 0x000012F5
840. 16: GetPrivateContextsPerfCounters 0x00007B79
841. 17: DllCanUnloadNowInternal 0x000019A9
842. 18: DllCanUnloadNowInternal 0x00001924
843. 19: DllCanUnloadNowInternal 0x00001862
844. 20: DllCanUnloadNowInternal 0x000019E3
845. 21: GetPrivateContextsPerfCounters 0x00007A5B
846. 22: InstallCustomModule 0x00001C7F
847. 23: BaseThreadInitThunk 0x00000022
848. 24: RtlUserThreadStart 0x00000034
849.  
850.  
851.  
852. ------------------------------
853. THREAD ID: 0x0000268C
854. got context
855. Module path: C:\Windows\SYSTEM32\ntdll.dll
856. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
857. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x00000000000009F0
858. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
859. RSP: 0x00000000E8DFE648 RIP: 0x00000000F0E85C34 RBP: 0x00000000E8DFEA59
860. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
861. R11: 0x00000000A04D89F0 R12: 0x00000000FFFFFFFF R13: 0x00000000E8DFEBA0
862. R14: 0x0000000000000000 R15: 0x0000000000000001
863.  
864. Memory from 0x00000000F0E85C14
865. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
866. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
867. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
868. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
869. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
870.  
871. Stack Trace
872. 0: ZwWaitForMultipleObjects 0x00000014
873. 1: WaitForMultipleObjectsEx 0x000000EF
874. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
875. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
876. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
877. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
878. 13: DllCanUnloadNowInternal 0x00000BE3
879. 14: DllCanUnloadNowInternal 0x00000AA3
880. 15: DllCanUnloadNowInternal 0x000012F5
881. 16: GetPrivateContextsPerfCounters 0x00007B79
882. 17: DllCanUnloadNowInternal 0x000019A9
883. 18: DllCanUnloadNowInternal 0x00001924
884. 19: DllCanUnloadNowInternal 0x00001862
885. 20: DllCanUnloadNowInternal 0x000019E3
886. 21: GetPrivateContextsPerfCounters 0x00007A5B
887. 22: InstallCustomModule 0x00001C7F
888. 23: BaseThreadInitThunk 0x00000022
889. 24: RtlUserThreadStart 0x00000034
890.  
891.  
892.  
893. ------------------------------
894. THREAD ID: 0x00001CC8
895. got context
896. Module path: C:\Windows\SYSTEM32\ntdll.dll
897. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
898. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000720
899. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
900. RSP: 0x00000000E91FE928 RIP: 0x00000000F0E85C34 RBP: 0x00000000E91FED39
901. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
902. R11: 0x00000000A04DF720 R12: 0x00000000FFFFFFFF R13: 0x00000000E91FEE80
903. R14: 0x0000000000000000 R15: 0x0000000000000001
904.  
905. Memory from 0x00000000F0E85C14
906. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
907. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
908. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
909. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
910. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
911.  
912. Stack Trace
913. 0: ZwWaitForMultipleObjects 0x00000014
914. 1: WaitForMultipleObjectsEx 0x000000EF
915. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
916. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
917. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
918. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
919. 13: DllCanUnloadNowInternal 0x00000BE3
920. 14: DllCanUnloadNowInternal 0x00000AA3
921. 15: DllCanUnloadNowInternal 0x000012F5
922. 16: GetPrivateContextsPerfCounters 0x00007B79
923. 17: DllCanUnloadNowInternal 0x000019A9
924. 18: DllCanUnloadNowInternal 0x00001924
925. 19: DllCanUnloadNowInternal 0x00001862
926. 20: DllCanUnloadNowInternal 0x000019E3
927. 21: GetPrivateContextsPerfCounters 0x00007A5B
928. 22: InstallCustomModule 0x00001C7F
929. 23: BaseThreadInitThunk 0x00000022
930. 24: RtlUserThreadStart 0x00000034
931.  
932.  
933.  
934. ------------------------------
935. THREAD ID: 0x00002024
936. got context
937. Module path: C:\Windows\SYSTEM32\ntdll.dll
938. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
939. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000FE0
940. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
941. RSP: 0x00000000E95FE898 RIP: 0x00000000F0E85C34 RBP: 0x00000000E95FECA9
942. R8 : 0x0000000000001F58 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
943. R11: 0x00000000A0485088 R12: 0x00000000FFFFFFFF R13: 0x00000000E95FEDF0
944. R14: 0x0000000000000000 R15: 0x0000000000000001
945.  
946. Memory from 0x00000000F0E85C14
947. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
948. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
949. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
950. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
951. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
952.  
953. Stack Trace
954. 0: ZwWaitForMultipleObjects 0x00000014
955. 1: WaitForMultipleObjectsEx 0x000000EF
956. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
957. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
958. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
959. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
960. 13: DllCanUnloadNowInternal 0x00000BE3
961. 14: DllCanUnloadNowInternal 0x00000AA3
962. 15: DllCanUnloadNowInternal 0x000012F5
963. 16: GetPrivateContextsPerfCounters 0x00007B79
964. 17: DllCanUnloadNowInternal 0x000019A9
965. 18: DllCanUnloadNowInternal 0x00001924
966. 19: DllCanUnloadNowInternal 0x00001862
967. 20: DllCanUnloadNowInternal 0x000019E3
968. 21: GetPrivateContextsPerfCounters 0x00007A5B
969. 22: InstallCustomModule 0x00001C7F
970. 23: BaseThreadInitThunk 0x00000022
971. 24: RtlUserThreadStart 0x00000034
972.  
973.  
974.  
975. ------------------------------
976. THREAD ID: 0x0000202C
977. got context
978. Module path: C:\Windows\SYSTEM32\ntdll.dll
979. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
980. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000868
981. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
982. RSP: 0x00000000E99FE778 RIP: 0x00000000F0E85C34 RBP: 0x00000000E99FEB89
983. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
984. R11: 0x00000000A04C4868 R12: 0x00000000FFFFFFFF R13: 0x00000000E99FECD0
985. R14: 0x0000000000000000 R15: 0x0000000000000001
986.  
987. Memory from 0x00000000F0E85C14
988. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
989. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
990. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
991. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
992. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
993.  
994. Stack Trace
995. 0: ZwWaitForMultipleObjects 0x00000014
996. 1: WaitForMultipleObjectsEx 0x000000EF
997. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
998. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
999. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
1000. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
1001. 13: DllCanUnloadNowInternal 0x00000BE3
1002. 14: DllCanUnloadNowInternal 0x00000AA3
1003. 15: DllCanUnloadNowInternal 0x000012F5
1004. 16: GetPrivateContextsPerfCounters 0x00007B79
1005. 17: DllCanUnloadNowInternal 0x000019A9
1006. 18: DllCanUnloadNowInternal 0x00001924
1007. 19: DllCanUnloadNowInternal 0x00001862
1008. 20: DllCanUnloadNowInternal 0x000019E3
1009. 21: GetPrivateContextsPerfCounters 0x00007A5B
1010. 22: InstallCustomModule 0x00001C7F
1011. 23: BaseThreadInitThunk 0x00000022
1012. 24: RtlUserThreadStart 0x00000034
1013.  
1014.  
1015.  
1016. ------------------------------
1017. THREAD ID: 0x00002B0C
1018. got context
1019. Module path: C:\Windows\SYSTEM32\ntdll.dll
1020. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
1021. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000FE0
1022. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
1023. RSP: 0x00000000E9DFE7B8 RIP: 0x00000000F0E85C34 RBP: 0x00000000E9DFEBC9
1024. R8 : 0x0000000000001300 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
1025. R11: 0x00000000A0495CE0 R12: 0x00000000FFFFFFFF R13: 0x00000000E9DFED10
1026. R14: 0x0000000000000000 R15: 0x0000000000000001
1027.  
1028. Memory from 0x00000000F0E85C14
1029. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1030. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1031. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1032. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1033. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1034.  
1035. Stack Trace
1036. 0: ZwWaitForMultipleObjects 0x00000014
1037. 1: WaitForMultipleObjectsEx 0x000000EF
1038. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
1039. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
1040. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
1041. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
1042. 13: DllCanUnloadNowInternal 0x00000BE3
1043. 14: DllCanUnloadNowInternal 0x00000AA3
1044. 15: DllCanUnloadNowInternal 0x000012F5
1045. 16: GetPrivateContextsPerfCounters 0x00007B79
1046. 17: DllCanUnloadNowInternal 0x000019A9
1047. 18: DllCanUnloadNowInternal 0x00001924
1048. 19: DllCanUnloadNowInternal 0x00001862
1049. 20: DllCanUnloadNowInternal 0x000019E3
1050. 21: GetPrivateContextsPerfCounters 0x00007A5B
1051. 22: InstallCustomModule 0x00001C7F
1052. 23: BaseThreadInitThunk 0x00000022
1053. 24: RtlUserThreadStart 0x00000034
1054.  
1055.  
1056.  
1057. ------------------------------
1058. THREAD ID: 0x00001DA4
1059. got context
1060. Module path: C:\Windows\SYSTEM32\ntdll.dll
1061. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
1062. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x00000000000004A8
1063. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
1064. RSP: 0x00000000EA1FE0C8 RIP: 0x00000000F0E85C34 RBP: 0x00000000EA1FE4D9
1065. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
1066. R11: 0x00000000A05434A8 R12: 0x00000000FFFFFFFF R13: 0x00000000EA1FE620
1067. R14: 0x0000000000000000 R15: 0x0000000000000001
1068.  
1069. Memory from 0x00000000F0E85C14
1070. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1071. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1072. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1073. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1074. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1075.  
1076. Stack Trace
1077. 0: ZwWaitForMultipleObjects 0x00000014
1078. 1: WaitForMultipleObjectsEx 0x000000EF
1079. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
1080. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
1081. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
1082. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
1083. 13: DllCanUnloadNowInternal 0x00000BE3
1084. 14: DllCanUnloadNowInternal 0x00000AA3
1085. 15: DllCanUnloadNowInternal 0x000012F5
1086. 16: GetPrivateContextsPerfCounters 0x00007B79
1087. 17: DllCanUnloadNowInternal 0x000019A9
1088. 18: DllCanUnloadNowInternal 0x00001924
1089. 19: DllCanUnloadNowInternal 0x00001862
1090. 20: DllCanUnloadNowInternal 0x000019E3
1091. 21: GetPrivateContextsPerfCounters 0x00007A5B
1092. 22: InstallCustomModule 0x00001C7F
1093. 23: BaseThreadInitThunk 0x00000022
1094. 24: RtlUserThreadStart 0x00000034
1095.  
1096.  
1097.  
1098. ------------------------------
1099. THREAD ID: 0x000016E4
1100. got context
1101. Module path: C:\Windows\SYSTEM32\ntdll.dll
1102. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
1103. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000618
1104. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
1105. RSP: 0x00000000EA5FE6B8 RIP: 0x00000000F0E85C34 RBP: 0x00000000EA5FEAC9
1106. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
1107. R11: 0x00000000A051E618 R12: 0x00000000FFFFFFFF R13: 0x00000000EA5FEC10
1108. R14: 0x0000000000000000 R15: 0x0000000000000001
1109.  
1110. Memory from 0x00000000F0E85C14
1111. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1112. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1113. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1114. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1115. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1116.  
1117. Stack Trace
1118. 0: ZwWaitForMultipleObjects 0x00000014
1119. 1: WaitForMultipleObjectsEx 0x000000EF
1120. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
1121. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
1122. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
1123. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
1124. 13: DllCanUnloadNowInternal 0x00000BE3
1125. 14: DllCanUnloadNowInternal 0x00000AA3
1126. 15: DllCanUnloadNowInternal 0x000012F5
1127. 16: GetPrivateContextsPerfCounters 0x00007B79
1128. 17: DllCanUnloadNowInternal 0x000019A9
1129. 18: DllCanUnloadNowInternal 0x00001924
1130. 19: DllCanUnloadNowInternal 0x00001862
1131. 20: DllCanUnloadNowInternal 0x000019E3
1132. 21: GetPrivateContextsPerfCounters 0x00007A5B
1133. 22: InstallCustomModule 0x00001C7F
1134. 23: BaseThreadInitThunk 0x00000022
1135. 24: RtlUserThreadStart 0x00000034
1136.  
1137.  
1138.  
1139. ------------------------------
1140. THREAD ID: 0x00001A08
1141. got context
1142. Module path: C:\Windows\SYSTEM32\ntdll.dll
1143. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
1144. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000FE0
1145. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
1146. RSP: 0x00000000EA9FE468 RIP: 0x00000000F0E85C34 RBP: 0x00000000EA9FE879
1147. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
1148. R11: 0x00000000A0674FE0 R12: 0x00000000FFFFFFFF R13: 0x00000000EA9FE9C0
1149. R14: 0x0000000000000000 R15: 0x0000000000000001
1150.  
1151. Memory from 0x00000000F0E85C14
1152. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1153. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1154. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1155. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1156. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1157.  
1158. Stack Trace
1159. 0: ZwWaitForMultipleObjects 0x00000014
1160. 1: WaitForMultipleObjectsEx 0x000000EF
1161. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
1162. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
1163. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
1164. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
1165. 13: DllCanUnloadNowInternal 0x00000BE3
1166. 14: DllCanUnloadNowInternal 0x00000AA3
1167. 15: DllCanUnloadNowInternal 0x000012F5
1168. 16: GetPrivateContextsPerfCounters 0x00007B79
1169. 17: DllCanUnloadNowInternal 0x000019A9
1170. 18: DllCanUnloadNowInternal 0x00001924
1171. 19: DllCanUnloadNowInternal 0x00001862
1172. 20: DllCanUnloadNowInternal 0x000019E3
1173. 21: GetPrivateContextsPerfCounters 0x00007A5B
1174. 22: InstallCustomModule 0x00001C7F
1175. 23: BaseThreadInitThunk 0x00000022
1176. 24: RtlUserThreadStart 0x00000034
1177.  
1178.  
1179.  
1180. ------------------------------
1181. THREAD ID: 0x00002618
1182. got context
1183. Module path: C:\Windows\SYSTEM32\ntdll.dll
1184. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1185. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000000000FE0
1186. RDX: 0x0000000000000000 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1187. RSP: 0x00000000EADFEED8 RIP: 0x00000000F0E85164 RBP: 0x00000000EADFF060
1188. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
1189. R11: 0x00000000A0546FE0 R12: 0x0000000000000001 R13: 0x0000000000000000
1190. R14: 0x00000000EADFEF08 R15: 0x00000000FFFF0000
1191.  
1192. Memory from 0x00000000F0E85144
1193. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1194. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1195. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1196. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1197. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1198.  
1199. Stack Trace
1200. 0: NtWaitForSingleObject 0x00000014
1201. 1: WaitForSingleObjectEx 0x0000008F
1202. 2: DllCanUnloadNowInternal 0x00002202
1203. 3: DllCanUnloadNowInternal 0x0000237F
1204. 4: DllCanUnloadNowInternal 0x000023EA
1205. 5: InstallCustomModule 0x00001C7F
1206. 6: BaseThreadInitThunk 0x00000022
1207. 7: RtlUserThreadStart 0x00000034
1208.  
1209.  
1210.  
1211. ------------------------------
1212. THREAD ID: 0x00000908
1213. Did NOT get context (Error: 0x00000000)
1214.  
1215.  
1216.  
1217. ------------------------------
1218. THREAD ID: 0x0000250C
1219. got context
1220. Module path: C:\Windows\SYSTEM32\ntdll.dll
1221. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1222. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000000000618
1223. RDX: 0x0000000000000000 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1224. RSP: 0x00000000EB1FF0B8 RIP: 0x00000000F0E85164 RBP: 0x00000000EB1FF240
1225. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
1226. R11: 0x00000000A0524618 R12: 0x0000000000000001 R13: 0x0000000000000000
1227. R14: 0x00000000EB1FF0E8 R15: 0x00000000FFFF0000
1228.  
1229. Memory from 0x00000000F0E85144
1230. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1231. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1232. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1233. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1234. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1235.  
1236. Stack Trace
1237. 0: NtWaitForSingleObject 0x00000014
1238. 1: WaitForSingleObjectEx 0x0000008F
1239. 2: DllCanUnloadNowInternal 0x00002202
1240. 3: DllCanUnloadNowInternal 0x0000237F
1241. 4: DllCanUnloadNowInternal 0x000023EA
1242. 5: InstallCustomModule 0x00001C7F
1243. 6: BaseThreadInitThunk 0x00000022
1244. 7: RtlUserThreadStart 0x00000034
1245.  
1246.  
1247.  
1248. ------------------------------
1249. THREAD ID: 0x0000223C
1250. got context
1251. Module path: C:\Windows\SYSTEM32\ntdll.dll
1252. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1253. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000000000FE0
1254. RDX: 0x0000000000000000 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1255. RSP: 0x00000000EB5FEC88 RIP: 0x00000000F0E85164 RBP: 0x00000000EB5FEE10
1256. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
1257. R11: 0x00000000A0374FE0 R12: 0x0000000000000001 R13: 0x0000000000000000
1258. R14: 0x00000000EB5FECB8 R15: 0x00000000FFFF0000
1259.  
1260. Memory from 0x00000000F0E85144
1261. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1262. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1263. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1264. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1265. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1266.  
1267. Stack Trace
1268. 0: NtWaitForSingleObject 0x00000014
1269. 1: WaitForSingleObjectEx 0x0000008F
1270. 2: DllCanUnloadNowInternal 0x00002202
1271. 3: DllCanUnloadNowInternal 0x0000237F
1272. 4: DllCanUnloadNowInternal 0x000023EA
1273. 5: InstallCustomModule 0x00001C7F
1274. 6: BaseThreadInitThunk 0x00000022
1275. 7: RtlUserThreadStart 0x00000034
1276.  
1277.  
1278.  
1279. ------------------------------
1280. THREAD ID: 0x00002980
1281. got context
1282. Module path: C:\Windows\SYSTEM32\ntdll.dll
1283. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1284. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000000000FE0
1285. RDX: 0x0000000000000000 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1286. RSP: 0x00000000EB9FEC28 RIP: 0x00000000F0E85164 RBP: 0x00000000EB9FEDB0
1287. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
1288. R11: 0x00000000A0E0CFE0 R12: 0x0000000000000001 R13: 0x0000000000000000
1289. R14: 0x00000000EB9FEC58 R15: 0x00000000FFFF0000
1290.  
1291. Memory from 0x00000000F0E85144
1292. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1293. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1294. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1295. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1296. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1297.  
1298. Stack Trace
1299. 0: NtWaitForSingleObject 0x00000014
1300. 1: WaitForSingleObjectEx 0x0000008F
1301. 2: DllCanUnloadNowInternal 0x00002202
1302. 3: DllCanUnloadNowInternal 0x0000237F
1303. 4: DllCanUnloadNowInternal 0x000023EA
1304. 5: InstallCustomModule 0x00001C7F
1305. 6: BaseThreadInitThunk 0x00000022
1306. 7: RtlUserThreadStart 0x00000034
1307.  
1308.  
1309.  
1310. ------------------------------
1311. THREAD ID: 0x0000246C
1312. got context
1313. Module path: C:\Windows\SYSTEM32\ntdll.dll
1314. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1315. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000000000FE0
1316. RDX: 0x0000000000000000 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1317. RSP: 0x00000000EBDFEC08 RIP: 0x00000000F0E85164 RBP: 0x00000000EBDFED90
1318. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
1319. R11: 0x00000000A0CBEFE0 R12: 0x0000000000000001 R13: 0x0000000000000000
1320. R14: 0x00000000EBDFEC38 R15: 0x00000000FFFF0000
1321.  
1322. Memory from 0x00000000F0E85144
1323. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1324. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1325. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1326. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1327. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1328.  
1329. Stack Trace
1330. 0: NtWaitForSingleObject 0x00000014
1331. 1: WaitForSingleObjectEx 0x0000008F
1332. 2: DllCanUnloadNowInternal 0x00002202
1333. 3: DllCanUnloadNowInternal 0x0000237F
1334. 4: DllCanUnloadNowInternal 0x000023EA
1335. 5: InstallCustomModule 0x00001C7F
1336. 6: BaseThreadInitThunk 0x00000022
1337. 7: RtlUserThreadStart 0x00000034
1338.  
1339.  
1340.  
1341. ------------------------------
1342. THREAD ID: 0x00002A78
1343. got context
1344. Module path: C:\Windows\SYSTEM32\ntdll.dll
1345. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1346. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000000000FE0
1347. RDX: 0x0000000000000000 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1348. RSP: 0x00000000EC1FF0E8 RIP: 0x00000000F0E85164 RBP: 0x00000000EC1FF270
1349. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
1350. R11: 0x00000000A102CFE0 R12: 0x0000000000000001 R13: 0x0000000000000000
1351. R14: 0x00000000EC1FF118 R15: 0x00000000FFFF0000
1352.  
1353. Memory from 0x00000000F0E85144
1354. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1355. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1356. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1357. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1358. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1359.  
1360. Stack Trace
1361. 0: NtWaitForSingleObject 0x00000014
1362. 1: WaitForSingleObjectEx 0x0000008F
1363. 2: DllCanUnloadNowInternal 0x00002202
1364. 3: DllCanUnloadNowInternal 0x0000237F
1365. 4: DllCanUnloadNowInternal 0x000023EA
1366. 5: InstallCustomModule 0x00001C7F
1367. 6: BaseThreadInitThunk 0x00000022
1368. 7: RtlUserThreadStart 0x00000034
1369.  
1370.  
1371.  
1372. ------------------------------
1373. THREAD ID: 0x00000D90
1374. got context
1375. Module path: C:\Windows\SYSTEM32\ntdll.dll
1376. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1377. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000000000FE0
1378. RDX: 0x0000000000000000 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1379. RSP: 0x00000000EC5FEAB8 RIP: 0x00000000F0E85164 RBP: 0x00000000EC5FEC40
1380. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
1381. R11: 0x00000000A118AFE0 R12: 0x0000000000000001 R13: 0x0000000000000000
1382. R14: 0x00000000EC5FEAE8 R15: 0x00000000FFFF0000
1383.  
1384. Memory from 0x00000000F0E85144
1385. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1386. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1387. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1388. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1389. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1390.  
1391. Stack Trace
1392. 0: NtWaitForSingleObject 0x00000014
1393. 1: WaitForSingleObjectEx 0x0000008F
1394. 2: DllCanUnloadNowInternal 0x00002223
1395. 4: DllCanUnloadNowInternal 0x00002ECF
1396. 6: DllCanUnloadNowInternal 0x00001BC5
1397. 7: InstallCustomModule 0x00001C7F
1398. 8: BaseThreadInitThunk 0x00000022
1399. 9: RtlUserThreadStart 0x00000034
1400.  
1401.  
1402.  
1403. ------------------------------
1404. THREAD ID: 0x00000784
1405. got context
1406. Module path: C:\Windows\SYSTEM32\ntdll.dll
1407. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1408. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000000000FE0
1409. RDX: 0x0000000000000000 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1410. RSP: 0x00000000EC9FE928 RIP: 0x00000000F0E85164 RBP: 0x00000000EC9FEAB0
1411. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
1412. R11: 0x00000000A1062FE0 R12: 0x0000000000000001 R13: 0x0000000000000000
1413. R14: 0x00000000EC9FE958 R15: 0x00000000FFFF0000
1414.  
1415. Memory from 0x00000000F0E85144
1416. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1417. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1418. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1419. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1420. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1421.  
1422. Stack Trace
1423. 0: NtWaitForSingleObject 0x00000014
1424. 1: WaitForSingleObjectEx 0x0000008F
1425. 2: DllCanUnloadNowInternal 0x00002202
1426. 3: DllCanUnloadNowInternal 0x0000237F
1427. 4: DllCanUnloadNowInternal 0x000023EA
1428. 5: InstallCustomModule 0x00001C7F
1429. 6: BaseThreadInitThunk 0x00000022
1430. 7: RtlUserThreadStart 0x00000034
1431.  
1432.  
1433.  
1434. ------------------------------
1435. THREAD ID: 0x0000226C
1436. got context
1437. Module path: C:\Windows\SYSTEM32\ntdll.dll
1438. PC: 0x0000000053906D54 ModuleOffset: 0x00000000F0E86D54
1439. RAX: 0x0000000000000796 RBX: 0x0000000000000001 RCX: 0x000000000000D48C
1440. RDX: 0x00000000B8460000 RDI: 0x0000000000000E1C RSI: 0x00000000000002C8
1441. RSP: 0x00000000ECDFC558 RIP: 0x00000000F0E86D54 RBP: 0x0000000000000D40
1442. R8 : 0x0000000000000795 R9 : 0x0000000000000D40 R10: 0x0000000000000000
1443. R11: 0x0000000000000246 R12: 0x00000000E1FB1A20 R13: 0x0000000000000001
1444. R14: 0x00000000ECDFCC80 R15: 0x00000000FFFFFFFF
1445.  
1446. Memory from 0x00000000F0E86D34
1447. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1448. E4 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1449. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1450. E5 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1451. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1452.  
1453. Stack Trace
1454. 0: NtGetContextThread 0x00000014
1455.  
1456.  
1457.  
1458. ------------------------------
1459. THREAD ID: 0x000029E0
1460. got context
1461. Module path: C:\Windows\SYSTEM32\ntdll.dll
1462. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1463. RAX: 0x00000000DAB183C0 RBX: 0x0000000000000000 RCX: 0x00000000DAB183C0
1464. RDX: 0x00000000DA906688 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1465. RSP: 0x00000000ED1FEF08 RIP: 0x00000000F0E85164 RBP: 0x00000000ED1FF090
1466. R8 : 0x00000000DFBC0000 R9 : 0x0000000000000001 R10: 0x0000000000000002
1467. R11: 0x00000000ED1FD270 R12: 0x0000000000000001 R13: 0x0000000000000000
1468. R14: 0x00000000ED1FEF38 R15: 0x00000000FFFF0000
1469.  
1470. Memory from 0x00000000F0E85144
1471. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1472. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1473. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1474. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1475. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1476.  
1477. Stack Trace
1478. 0: NtWaitForSingleObject 0x00000014
1479. 1: WaitForSingleObjectEx 0x0000008F
1480. 2: DllCanUnloadNowInternal 0x00002202
1481. 3: DllCanUnloadNowInternal 0x0000237F
1482. 4: DllCanUnloadNowInternal 0x000023EA
1483. 5: InstallCustomModule 0x00001C7F
1484. 6: BaseThreadInitThunk 0x00000022
1485. 7: RtlUserThreadStart 0x00000034
1486.  
1487.  
1488.  
1489. ------------------------------
1490. THREAD ID: 0x00000A04
1491. got context
1492. Module path: C:\Windows\SYSTEM32\ntdll.dll
1493. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1494. RAX: 0x00000000A10C6400 RBX: 0x0000000000000000 RCX: 0x00000000ED5FE240
1495. RDX: 0x00000000A10C6400 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1496. RSP: 0x00000000ED5FEB08 RIP: 0x00000000F0E85164 RBP: 0x00000000ED5FEC90
1497. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x00000000A10C80C8
1498. R11: 0x00000000B8A20140 R12: 0x0000000000000001 R13: 0x0000000000000000
1499. R14: 0x00000000ED5FEB38 R15: 0x00000000FFFF0000
1500.  
1501. Memory from 0x00000000F0E85144
1502. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1503. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1504. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1505. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1506. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1507.  
1508. Stack Trace
1509. 0: NtWaitForSingleObject 0x00000014
1510. 1: WaitForSingleObjectEx 0x0000008F
1511. 2: DllCanUnloadNowInternal 0x00002202
1512. 3: DllCanUnloadNowInternal 0x0000237F
1513. 4: DllCanUnloadNowInternal 0x000023EA
1514. 5: InstallCustomModule 0x00001C7F
1515. 6: BaseThreadInitThunk 0x00000022
1516. 7: RtlUserThreadStart 0x00000034
1517.  
1518.  
1519.  
1520. ------------------------------
1521. THREAD ID: 0x00002548
1522. got context
1523. Module path: C:\Windows\SYSTEM32\ntdll.dll
1524. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1525. RAX: 0x00000000C00000BB RBX: 0x0000000000000000 RCX: 0x00000000ED9FEDF8
1526. RDX: 0x0000000000000000 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1527. RSP: 0x00000000ED9FECA8 RIP: 0x00000000F0E85164 RBP: 0x00000000ED9FEE30
1528. R8 : 0x00000000E18E6000 R9 : 0x0000000000000000 R10: 0x0000000000000000
1529. R11: 0x00000000ED9FEDD8 R12: 0x0000000000000001 R13: 0x0000000000000000
1530. R14: 0x00000000ED9FECD8 R15: 0x00000000FFFF0000
1531.  
1532. Memory from 0x00000000F0E85144
1533. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1534. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1535. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1536. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1537. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1538.  
1539. Stack Trace
1540. 0: NtWaitForSingleObject 0x00000014
1541. 1: WaitForSingleObjectEx 0x0000008F
1542. 2: DllCanUnloadNowInternal 0x00002202
1543. 3: DllCanUnloadNowInternal 0x0000237F
1544. 4: DllCanUnloadNowInternal 0x000023EA
1545. 5: InstallCustomModule 0x00001C7F
1546. 6: BaseThreadInitThunk 0x00000022
1547. 7: RtlUserThreadStart 0x00000034
1548.  
1549.  
1550.  
1551. ------------------------------
1552. THREAD ID: 0x00002420
1553. got context
1554. Module path: C:\Windows\SYSTEM32\ntdll.dll
1555. PC: 0x0000000053905764 ModuleOffset: 0x00000000F0E85764
1556. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000FE0
1557. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x000000000000003E
1558. RSP: 0x00000000EDDFE3C8 RIP: 0x00000000F0E85764 RBP: 0x000000000000003E
1559. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
1560. R11: 0x00000000A0DEAFE0 R12: 0x0000000000000000 R13: 0x00000000EDDFE9E0
1561. R14: 0x00000000EDDFE3F0 R15: 0x0000000000000000
1562.  
1563. Memory from 0x00000000F0E85744
1564. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1565. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1566. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1567. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1568. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1569.  
1570. Stack Trace
1571. 0: ZwDelayExecution 0x00000014
1572. 1: SleepEx 0x000000A7
1573. 2: LogHelp_LogAssert 0x00000B13
1574. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
1575. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
1576. 12: DllCanUnloadNowInternal 0x00000BE3
1577. 13: DllCanUnloadNowInternal 0x00000AA3
1578. 14: DllCanUnloadNowInternal 0x000012F5
1579. 15: GetPrivateContextsPerfCounters 0x00007B79
1580. 16: DllCanUnloadNowInternal 0x000019A9
1581. 17: DllCanUnloadNowInternal 0x00001924
1582. 18: DllCanUnloadNowInternal 0x00001862
1583. 19: DllCanUnloadNowInternal 0x000019E3
1584. 20: GetPrivateContextsPerfCounters 0x00007A5B
1585. 21: InstallCustomModule 0x00001C7F
1586. 22: BaseThreadInitThunk 0x00000022
1587. 23: RtlUserThreadStart 0x00000034
1588.  
1589.  
1590.  
1591. ------------------------------
1592. THREAD ID: 0x00000C44
1593. got context
1594. Module path: C:\Windows\SYSTEM32\ntdll.dll
1595. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1596. RAX: 0x0000000000000001 RBX: 0x0000000000000000 RCX: 0x00000000B8015088
1597. RDX: 0x0000000000190002 RDI: 0x000000000000016C RSI: 0x00000000FFFFFFFF
1598. RSP: 0x00000000EDE7E708 RIP: 0x00000000F0E85164 RBP: 0x00000000B8A23FC0
1599. R8 : 0x000000009D821500 R9 : 0x0000000000000000 R10: 0x0000000000000000
1600. R11: 0x0000000000000064 R12: 0x0000000000000000 R13: 0x0000000080000000
1601. R14: 0x0000000000000000 R15: 0x0000000000000000
1602.  
1603. Memory from 0x00000000F0E85144
1604. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1605. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1606. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1607. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1608. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1609.  
1610. Stack Trace
1611. 0: NtWaitForSingleObject 0x00000014
1612. 1: WaitForSingleObjectEx 0x0000008F
1613. 2: GetMetaDataPublicInterfaceFromInternal 0x00008D67
1614. 3: GetMetaDataPublicInterfaceFromInternal 0x00008D1F
1615. 4: GetMetaDataPublicInterfaceFromInternal 0x00008CE0
1616. 5: GetPrivateContextsPerfCounters 0x00000E3C
1617. 6: InstallCustomModule 0x00001C7F
1618. 7: BaseThreadInitThunk 0x00000022
1619. 8: RtlUserThreadStart 0x00000034
1620.  
1621.  
1622.  
1623. ------------------------------
1624. THREAD ID: 0x000005D0
1625. got context
1626. Module path: C:\Windows\SYSTEM32\ntdll.dll
1627. PC: 0x00000000539087F4 ModuleOffset: 0x00000000F0E887F4
1628. RAX: 0x0000000000000000 RBX: 0x00000000B8A8D100 RCX: 0x00000000F0E0B350
1629. RDX: 0x00000000B80103E0 RDI: 0x0000000000000000 RSI: 0x0000000000000010
1630. RSP: 0x00000000EE27F558 RIP: 0x00000000F0E887F4 RBP: 0x0000000000000000
1631. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
1632. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x00000000F0E0E130
1633. R14: 0x00000000F0DE9AF0 R15: 0x00000000B80103E0
1634.  
1635. Memory from 0x00000000F0E887D4
1636. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1637. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1638. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1639. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1640. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1641.  
1642. Stack Trace
1643. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
1644. 1: RtlAcquireSRWLockShared 0x00003E28
1645. 2: BaseThreadInitThunk 0x00000022
1646. 3: RtlUserThreadStart 0x00000034
1647.  
1648.  
1649.  
1650. ------------------------------
1651. THREAD ID: 0x000022D8
1652. got context
1653. Module path: C:\Windows\SYSTEM32\ntdll.dll
1654. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
1655. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x00000000ED7D64D0
1656. RDX: 0x00000000B89595D0 RDI: 0x0000000000000001 RSI: 0x0000000000000000
1657. RSP: 0x00000000EE67FB98 RIP: 0x00000000F0E85C34 RBP: 0x0000000000000000
1658. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
1659. R11: 0x0000000000000000 R12: 0x0000000000003A98 R13: 0x00000000B89595E0
1660. R14: 0x00000000EE67FBF0 R15: 0x0000000000000000
1661.  
1662. Memory from 0x00000000F0E85C14
1663. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1664. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1665. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1666. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1667. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1668.  
1669. Stack Trace
1670. 0: ZwWaitForMultipleObjects 0x00000014
1671. 1: WaitForMultipleObjectsEx 0x000000EF
1672. 2: CryptGetDefaultOIDFunctionAddress 0x00000520
1673. 3: BaseThreadInitThunk 0x00000022
1674. 4: RtlUserThreadStart 0x00000034
1675.  
1676.  
1677.  
1678. ------------------------------
1679. THREAD ID: 0x00002A6C
1680. got context
1681. Module path: C:\Windows\SYSTEM32\ntdll.dll
1682. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1683. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x000000009D677F10
1684. RDX: 0x0000000000000001 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1685. RSP: 0x00000000EEA7E868 RIP: 0x00000000F0E85164 RBP: 0x00000000EEA7E9F0
1686. R8 : 0x000000009AC5B6C2 R9 : 0x000000009F58C1E8 R10: 0x00000000DCA8B178
1687. R11: 0x0000000000000000 R12: 0x0000000000000001 R13: 0x0000000000000000
1688. R14: 0x00000000EEA7E898 R15: 0x00000000FFFF0000
1689.  
1690. Memory from 0x00000000F0E85144
1691. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1692. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1693. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1694. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1695. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1696.  
1697. Stack Trace
1698. 0: NtWaitForSingleObject 0x00000014
1699. 1: WaitForSingleObjectEx 0x0000008F
1700. 2: DllCanUnloadNowInternal 0x00002202
1701. 3: DllCanUnloadNowInternal 0x0000237F
1702. 4: DllCanUnloadNowInternal 0x000023EA
1703. 5: InstallCustomModule 0x00001C7F
1704. 6: BaseThreadInitThunk 0x00000022
1705. 7: RtlUserThreadStart 0x00000034
1706.  
1707.  
1708.  
1709. ------------------------------
1710. THREAD ID: 0x0000115C
1711. got context
1712. Module path: C:\Windows\SYSTEM32\ntdll.dll
1713. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1714. RAX: 0x0000000000000018 RBX: 0x0000000000000000 RCX: 0x000000009F47B460
1715. RDX: 0x0000000000000000 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1716. RSP: 0x00000000EEE7F598 RIP: 0x00000000F0E85164 RBP: 0x00000000EEE7F720
1717. R8 : 0x00000000EEE7F0B8 R9 : 0x0000000000000000 R10: 0x0000000000000025
1718. R11: 0x0000000009685E53 R12: 0x0000000000000001 R13: 0x0000000000000000
1719. R14: 0x00000000EEE7F5C8 R15: 0x00000000FFFF0000
1720.  
1721. Memory from 0x00000000F0E85144
1722. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1723. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1724. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1725. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1726. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1727.  
1728. Stack Trace
1729. 0: NtWaitForSingleObject 0x00000014
1730. 1: WaitForSingleObjectEx 0x0000008F
1731. 2: DllCanUnloadNowInternal 0x00002202
1732. 3: DllCanUnloadNowInternal 0x0000237F
1733. 4: DllCanUnloadNowInternal 0x000023EA
1734. 5: InstallCustomModule 0x00001C7F
1735. 6: BaseThreadInitThunk 0x00000022
1736. 7: RtlUserThreadStart 0x00000034
1737.  
1738.  
1739.  
1740. ------------------------------
1741. THREAD ID: 0x00001D94
1742. got context
1743. Module path: C:\Windows\SYSTEM32\ntdll.dll
1744. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1745. RAX: 0x0000000000000004 RBX: 0x0000000000000000 RCX: 0x0000000000000003
1746. RDX: 0x0000000000000011 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1747. RSP: 0x00000000EF27F928 RIP: 0x00000000F0E85164 RBP: 0x00000000EF27FAB0
1748. R8 : 0x00000000EF27F9B8 R9 : 0x0000000000000000 R10: 0x0000000000000000
1749. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
1750. R14: 0x00000000EF27F958 R15: 0x00000000FFFF0000
1751.  
1752. Memory from 0x00000000F0E85144
1753. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1754. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1755. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1756. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1757. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1758.  
1759. Stack Trace
1760. 0: NtWaitForSingleObject 0x00000014
1761. 1: WaitForSingleObjectEx 0x0000008F
1762. 2: DllCanUnloadNowInternal 0x00002202
1763. 3: DllCanUnloadNowInternal 0x0000237F
1764. 4: DllCanUnloadNowInternal 0x000023EA
1765. 5: InstallCustomModule 0x00001C7F
1766. 6: BaseThreadInitThunk 0x00000022
1767. 7: RtlUserThreadStart 0x00000034
1768.  
1769.  
1770.  
1771. ------------------------------
1772. THREAD ID: 0x000020FC
1773. got context
1774. Module path: C:\Windows\SYSTEM32\ntdll.dll
1775. PC: 0x00000000539051A4 ModuleOffset: 0x00000000F0E851A4
1776. RAX: 0x00000000B8A24790 RBX: 0x00000000EF67ED58 RCX: 0x000000009F479050
1777. RDX: 0x00000000EF67EE30 RDI: 0x0000000000000000 RSI: 0x00000000000012EC
1778. RSP: 0x00000000EF67EBB8 RIP: 0x00000000F0E851A4 RBP: 0x00000000EF67ED10
1779. R8 : 0x00000000A1134388 R9 : 0x0000000000000001 R10: 0x00000000DD01A350
1780. R11: 0x00000000DCAC23D0 R12: 0x0000000000000001 R13: 0x00000000EF67F230
1781. R14: 0x0000000000000000 R15: 0x0000000000000000
1782.  
1783. Memory from 0x00000000F0E85184
1784. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1785. 06 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1786. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1787. 07 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1788. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1789.  
1790. Stack Trace
1791. 0: ZwReadFile 0x00000014
1792.  
1793.  
1794.  
1795. ------------------------------
1796. THREAD ID: 0x000027D0
1797. got context
1798. Module path: C:\Windows\SYSTEM32\ntdll.dll
1799. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1800. RAX: 0x0000000000000005 RBX: 0x0000000000000000 RCX: 0x0000000000000004
1801. RDX: 0x0000000000000005 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1802. RSP: 0x00000000EFA7F888 RIP: 0x00000000F0E85164 RBP: 0x00000000EFA7FA10
1803. R8 : 0x00000000EFA7F918 R9 : 0x0000000000000000 R10: 0x0000000000000000
1804. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
1805. R14: 0x00000000EFA7F8B8 R15: 0x00000000FFFF0000
1806.  
1807. Memory from 0x00000000F0E85144
1808. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1809. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1810. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1811. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1812. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1813.  
1814. Stack Trace
1815. 0: NtWaitForSingleObject 0x00000014
1816. 1: WaitForSingleObjectEx 0x0000008F
1817. 2: DllCanUnloadNowInternal 0x00002202
1818. 3: DllCanUnloadNowInternal 0x0000237F
1819. 4: DllCanUnloadNowInternal 0x000023EA
1820. 5: InstallCustomModule 0x00001C7F
1821. 6: BaseThreadInitThunk 0x00000022
1822. 7: RtlUserThreadStart 0x00000034
1823.  
1824.  
1825.  
1826. ------------------------------
1827. THREAD ID: 0x000019A8
1828. got context
1829. Module path: C:\Windows\SYSTEM32\ntdll.dll
1830. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
1831. RAX: 0x00000000F027EC38 RBX: 0x0000000000000001 RCX: 0x0000000000002000
1832. RDX: 0x0000000000000800 RDI: 0x0000000000000001 RSI: 0x0000000000000001
1833. RSP: 0x00000000F027E388 RIP: 0x00000000F0E85C34 RBP: 0x00000000F027E799
1834. R8 : 0x00000000F027EAE8 R9 : 0x00000000F027EC30 R10: 0x0000000000000000
1835. R11: 0x00000000F027EC20 R12: 0x00000000FFFFFFFF R13: 0x00000000B8A1DC00
1836. R14: 0x0000000000000000 R15: 0x0000000000000000
1837.  
1838. Memory from 0x00000000F0E85C14
1839. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1840. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1841. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1842. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1843. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1844.  
1845. Stack Trace
1846. 0: ZwWaitForMultipleObjects 0x00000014
1847. 1: WaitForMultipleObjectsEx 0x000000EF
1848. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
1849. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
1850. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
1851. 5: GetMetaDataPublicInterfaceFromInternal 0x0003AA2F
1852. 6: GetPrivateContextsPerfCounters 0x000080CF
1853. 7: GetPrivateContextsPerfCounters 0x0000809C
1854. 8: GetPrivateContextsPerfCounters 0x00007E41
1855. 23: DllCanUnloadNowInternal 0x00000BE3
1856. 24: DllCanUnloadNowInternal 0x00000AA3
1857. 25: DllCanUnloadNowInternal 0x000012F5
1858. 26: DllCanUnloadNowInternal 0x00003009
1859. 27: DllCanUnloadNowInternal 0x000019A9
1860. 28: DllCanUnloadNowInternal 0x00001924
1861. 29: DllCanUnloadNowInternal 0x00001862
1862. 30: DllCanUnloadNowInternal 0x000019E3
1863. 31: DllCanUnloadNowInternal 0x00002F70
1864. 32: DllCanUnloadNowInternal 0x00001E9C
1865. 33: DllCanUnloadNowInternal 0x00001BC5
1866. 34: InstallCustomModule 0x00001C7F
1867. 35: BaseThreadInitThunk 0x00000022
1868. 36: RtlUserThreadStart 0x00000034
1869.  
1870.  
1871.  
1872. ------------------------------
1873. THREAD ID: 0x00002128
1874. got context
1875. Module path: C:\Windows\SYSTEM32\ntdll.dll
1876. PC: 0x00000000539087F4 ModuleOffset: 0x00000000F0E887F4
1877. RAX: 0x0000000000000001 RBX: 0x00000000B8BBC010 RCX: 0x0000000000010400
1878. RDX: 0x0000000000008013 RDI: 0x00000000B8BBC390 RSI: 0x0000000000000010
1879. RSP: 0x00000000F067F628 RIP: 0x00000000F0E887F4 RBP: 0x0000000000000000
1880. R8 : 0x00000000F067EFC0 R9 : 0x0000000000000000 R10: 0x0000000000000000
1881. R11: 0x00000000F067EFD4 R12: 0x0000000000000000 R13: 0x00000000F0E0E130
1882. R14: 0x00000000F0DE9AF0 R15: 0x000000009D663C70
1883.  
1884. Memory from 0x00000000F0E887D4
1885. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1886. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1887. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1888. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1889. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1890.  
1891. Stack Trace
1892. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
1893. 1: RtlAcquireSRWLockShared 0x00003E28
1894. 2: BaseThreadInitThunk 0x00000022
1895. 3: RtlUserThreadStart 0x00000034
1896.  
1897.  
1898.  
1899. ------------------------------
1900. THREAD ID: 0x00001B18
1901. got context
1902. Module path: C:\Windows\SYSTEM32\ntdll.dll
1903. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1904. RAX: 0x000000000BBB6F55 RBX: 0x0000000000000000 RCX: 0x000000009F597068
1905. RDX: 0x0000000000000007 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1906. RSP: 0x00000000F0A7FA58 RIP: 0x00000000F0E85164 RBP: 0x00000000F0A7FBE0
1907. R8 : 0x000000000000001C R9 : 0x000000009F597088 R10: 0x0000000000000007
1908. R11: 0x000000006C756C67 R12: 0x0000000000000001 R13: 0x0000000000000000
1909. R14: 0x00000000F0A7FA88 R15: 0x00000000FFFF0000
1910.  
1911. Memory from 0x00000000F0E85144
1912. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1913. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1914. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1915. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1916. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1917.  
1918. Stack Trace
1919. 0: NtWaitForSingleObject 0x00000014
1920. 1: WaitForSingleObjectEx 0x0000008F
1921. 2: DllCanUnloadNowInternal 0x00002202
1922. 3: DllCanUnloadNowInternal 0x0000237F
1923. 4: DllCanUnloadNowInternal 0x000023EA
1924. 5: InstallCustomModule 0x00001C7F
1925. 6: BaseThreadInitThunk 0x00000022
1926. 7: RtlUserThreadStart 0x00000034
1927.  
1928.  
1929.  
1930. ------------------------------
1931. THREAD ID: 0x000009AC
1932. got context
1933. Module path: C:\Windows\SYSTEM32\ntdll.dll
1934. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
1935. RAX: 0x0000000000000003 RBX: 0x0000000000000000 RCX: 0x0000000000000004
1936. RDX: 0x0000000000000003 RDI: 0x000000000000060C RSI: 0x0000000000004E20
1937. RSP: 0x00000000F0E7F538 RIP: 0x00000000F0E85164 RBP: 0x00000000F0E7F6C0
1938. R8 : 0x00000000F0E7F5C8 R9 : 0x0000000000000000 R10: 0x0000000000000000
1939. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
1940. R14: 0x00000000F0E7F568 R15: 0x00000000FFFF0000
1941.  
1942. Memory from 0x00000000F0E85144
1943. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1944. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1945. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1946. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1947. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1948.  
1949. Stack Trace
1950. 0: NtWaitForSingleObject 0x00000014
1951. 1: WaitForSingleObjectEx 0x0000008F
1952. 2: DllCanUnloadNowInternal 0x00002202
1953. 3: DllCanUnloadNowInternal 0x0000237F
1954. 4: DllCanUnloadNowInternal 0x000023EA
1955. 5: InstallCustomModule 0x00001C7F
1956. 6: BaseThreadInitThunk 0x00000022
1957. 7: RtlUserThreadStart 0x00000034
1958.  
1959.  
1960.  
1961. ------------------------------
1962. THREAD ID: 0x00002678
1963. got context
1964. Module path: C:\Windows\SYSTEM32\ntdll.dll
1965. PC: 0x0000000053905C34 ModuleOffset: 0x00000000F0E85C34
1966. RAX: 0x00000000F127EBF8 RBX: 0x0000000000000001 RCX: 0x0000000000002000
1967. RDX: 0x0000000000000800 RDI: 0x0000000000000001 RSI: 0x0000000000000001
1968. RSP: 0x00000000F127E348 RIP: 0x00000000F0E85C34 RBP: 0x00000000F127E759
1969. R8 : 0x00000000F127EAA8 R9 : 0x00000000F127EBF0 R10: 0x0000000000000000
1970. R11: 0x00000000F127EBE0 R12: 0x00000000FFFFFFFF R13: 0x00000000B8BC90C0
1971. R14: 0x0000000000000000 R15: 0x0000000000000000
1972.  
1973. Memory from 0x00000000F0E85C14
1974. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1975. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1976. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1977. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
1978. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
1979.  
1980. Stack Trace
1981. 0: ZwWaitForMultipleObjects 0x00000014
1982. 1: WaitForMultipleObjectsEx 0x000000EF
1983. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
1984. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
1985. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
1986. 5: GetMetaDataPublicInterfaceFromInternal 0x0003AA2F
1987. 6: GetPrivateContextsPerfCounters 0x000080CF
1988. 7: GetPrivateContextsPerfCounters 0x0000809C
1989. 8: GetPrivateContextsPerfCounters 0x00007E41
1990. 23: DllCanUnloadNowInternal 0x00000BE3
1991. 24: DllCanUnloadNowInternal 0x00000AA3
1992. 25: DllCanUnloadNowInternal 0x000012F5
1993. 26: DllCanUnloadNowInternal 0x00003009
1994. 27: DllCanUnloadNowInternal 0x000019A9
1995. 28: DllCanUnloadNowInternal 0x00001924
1996. 29: DllCanUnloadNowInternal 0x00001862
1997. 30: DllCanUnloadNowInternal 0x000019E3
1998. 31: DllCanUnloadNowInternal 0x00002F70
1999. 32: DllCanUnloadNowInternal 0x00001E9C
2000. 33: DllCanUnloadNowInternal 0x00001BC5
2001. 34: InstallCustomModule 0x00001C7F
2002. 35: BaseThreadInitThunk 0x00000022
2003. 36: RtlUserThreadStart 0x00000034
2004.  
2005.  
2006.  
2007. ------------------------------
2008. THREAD ID: 0x000025F8
2009. got context
2010. Module path: C:\Windows\SYSTEM32\ntdll.dll
2011. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
2012. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x000000009F479050
2013. RDX: 0x000000009F47AAF8 RDI: 0x000000000000060C RSI: 0x0000000000004E20
2014. RSP: 0x00000000F167F6C8 RIP: 0x00000000F0E85164 RBP: 0x00000000F167F850
2015. R8 : 0x00000000A1169070 R9 : 0x0000000000000001 R10: 0x0000000000000000
2016. R11: 0x00000000DCAC2290 R12: 0x0000000000000001 R13: 0x0000000000000000
2017. R14: 0x00000000F167F6F8 R15: 0x00000000FFFF0000
2018.  
2019. Memory from 0x00000000F0E85144
2020. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2021. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2022. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2023. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2024. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2025.  
2026. Stack Trace
2027. 0: NtWaitForSingleObject 0x00000014
2028. 1: WaitForSingleObjectEx 0x0000008F
2029. 2: DllCanUnloadNowInternal 0x00002202
2030. 3: DllCanUnloadNowInternal 0x0000237F
2031. 4: DllCanUnloadNowInternal 0x000023EA
2032. 5: InstallCustomModule 0x00001C7F
2033. 6: BaseThreadInitThunk 0x00000022
2034. 7: RtlUserThreadStart 0x00000034
2035.  
2036.  
2037.  
2038. ------------------------------
2039. THREAD ID: 0x00000A74
2040. got context
2041. Module path: C:\Windows\SYSTEM32\ntdll.dll
2042. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
2043. RAX: 0x0000000000000002 RBX: 0x0000000000000000 RCX: 0x0000000000000004
2044. RDX: 0x0000000000000002 RDI: 0x000000000000060C RSI: 0x0000000000004E20
2045. RSP: 0x00000000F1A7F188 RIP: 0x00000000F0E85164 RBP: 0x00000000F1A7F310
2046. R8 : 0x00000000F1A7F218 R9 : 0x0000000000000000 R10: 0x0000000000000000
2047. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
2048. R14: 0x00000000F1A7F1B8 R15: 0x00000000FFFF0000
2049.  
2050. Memory from 0x00000000F0E85144
2051. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2052. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2053. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2054. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2055. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2056.  
2057. Stack Trace
2058. 0: NtWaitForSingleObject 0x00000014
2059. 1: WaitForSingleObjectEx 0x0000008F
2060. 2: DllCanUnloadNowInternal 0x00002202
2061. 3: DllCanUnloadNowInternal 0x0000237F
2062. 4: DllCanUnloadNowInternal 0x000023EA
2063. 5: InstallCustomModule 0x00001C7F
2064. 6: BaseThreadInitThunk 0x00000022
2065. 7: RtlUserThreadStart 0x00000034
2066.  
2067.  
2068.  
2069. ------------------------------
2070. THREAD ID: 0x00001BA0
2071. got context
2072. Module path: C:\Windows\SYSTEM32\ntdll.dll
2073. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
2074. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000000000FE0
2075. RDX: 0x0000000000000000 RDI: 0x000000000000060C RSI: 0x0000000000004E20
2076. RSP: 0x00000000F1E7F318 RIP: 0x00000000F0E85164 RBP: 0x00000000F1E7F4A0
2077. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
2078. R11: 0x00000000A1439FE0 R12: 0x0000000000000001 R13: 0x0000000000000000
2079. R14: 0x00000000F1E7F348 R15: 0x00000000FFFF0000
2080.  
2081. Memory from 0x00000000F0E85144
2082. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2083. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2084. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2085. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2086. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2087.  
2088. Stack Trace
2089. 0: NtWaitForSingleObject 0x00000014
2090. 1: WaitForSingleObjectEx 0x0000008F
2091. 2: DllCanUnloadNowInternal 0x00002202
2092. 3: DllCanUnloadNowInternal 0x0000237F
2093. 4: DllCanUnloadNowInternal 0x000023EA
2094. 5: InstallCustomModule 0x00001C7F
2095. 6: BaseThreadInitThunk 0x00000022
2096. 7: RtlUserThreadStart 0x00000034
2097.  
2098.  
2099.  
2100. ------------------------------
2101. THREAD ID: 0x00000CAC
2102. got context
2103. Module path: C:\Windows\SYSTEM32\ntdll.dll
2104. PC: 0x0000000053905164 ModuleOffset: 0x00000000F0E85164
2105. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000000000FE0
2106. RDX: 0x0000000000000000 RDI: 0x000000000000060C RSI: 0x0000000000004E20
2107. RSP: 0x00000000F227EF98 RIP: 0x00000000F0E85164 RBP: 0x00000000F227F120
2108. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
2109. R11: 0x00000000A101AFE0 R12: 0x0000000000000001 R13: 0x0000000000000000
2110. R14: 0x00000000F227EFC8 R15: 0x00000000FFFF0000
2111.  
2112. Memory from 0x00000000F0E85144
2113. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2114. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2115. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2116. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2117. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2118.  
2119. Stack Trace
2120. 0: NtWaitForSingleObject 0x00000014
2121. 1: WaitForSingleObjectEx 0x0000008F
2122. 2: DllCanUnloadNowInternal 0x00002202
2123. 3: DllCanUnloadNowInternal 0x0000237F
2124. 4: DllCanUnloadNowInternal 0x000023EA
2125. 5: InstallCustomModule 0x00001C7F
2126. 6: BaseThreadInitThunk 0x00000022
2127. 7: RtlUserThreadStart 0x00000034
2128.  
2129.  
2130.  
2131.  
2132.  
2133. Exception in: C:\Windows\SYSTEM32\ntdll.dll
2134. Exception: Unknown exception
2135. PC: 0x0000000070B85639 ModuleOffset: 0x00000000F0ED5639
2136.  
2137.  
2138. Module path: C:\Windows\SYSTEM32\ntdll.dll
2139. PC: 0x0000000070B85639 ModuleOffset: 0x00000000F0ED5639
2140. RAX: 0x0000000000000000 RBX: 0x0000000080493E00 RCX: 0x0000000000000000
2141. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x0000000000000014
2142. RSP: 0x00000000961FF750 RIP: 0x00000000F0ED5639 RBP: 0x0000000080493FE0
2143. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
2144. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x00000000F0E0E130
2145. R14: 0x0000000000000000 R15: 0x0000000080493EE8
2146.  
2147. Memory from 0x00000000F0ED5619
2148. 40 C7 44 24 20 0A 07 00 C0 48 89 54 24 48 4C 89
2149. 44 24 50 C7 44 24 24 01 00 00 00 E8 37 13 F4 FF
2150. 48 8B 8C 24 C0 00 00 00 48 33 CC E8 F7 01 FA FF
2151. 48 81 C4 D8 00 00 00 C3 CC CC CC CC CC CC CC 48
2152. 81 EC D8 00 00 00 48 8B 05 A2 2D 06 00 48 33 C4
2153.  
2154. Stack Trace
2155. 18: - 0x0
2156.  
2157. 17: - 0x0
2158.  
2159. 16: UnhandledExceptionFilter - 0xED5E7C70
2160.  
2161. 15: TpDbgDumpHeapUsage - 0xF0ED5420
2162.  
2163. 14: TpDbgDumpHeapUsage - 0xF0ED5420
2164.  
2165. 13: memset - 0xF0E8B900
2166.  
2167. 12: _C_specific_handler - 0xF0E75A90
2168.  
2169. 11: RtlRaiseStatus - 0xF0E84A90
2170.  
2171. 10: _chkstk - 0xF0E89A00
2172.  
2173. 9: RtlImageNtHeaderEx - 0xF0E14B30
2174.  
2175. 8: RtlRaiseException - 0xF0E16970
2176.  
2177. 7: TpDbgDumpHeapUsage - 0xF0ED5420
2178.  
2179. 6: memset - 0xF0E8B900
2180.  
2181. 5: TpSetWaitEx - 0xF0DEA960
2182.  
2183. 4: CsrClientConnectToServer - 0xF0E31EF0
2184.  
2185. 3: TpAllocWait - 0xF0DE9600
2186.  
2187. 2: RtlAcquireSRWLockShared - 0xF0E077C0
2188.  
2189. 1: BaseThreadInitThunk - 0xEE1F80E0
2190.  
2191. 0: RtlUserThreadStart - 0xF0E3C580
2192.  
2193.  
2194.  
2195. ------------------------------
2196. THREAD ID: 0x00001FE0
2197. got context
2198. Module path: C:\Windows\SYSTEM32\ntdll.dll
2199. PC: 0x0000000070B35764 ModuleOffset: 0x00000000F0E85764
2200. RAX: 0x00000000C388D000 RBX: 0x0000000000000001 RCX: 0x00000000919FE910
2201. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x0000000000000005
2202. RSP: 0x00000000919FE8B8 RIP: 0x00000000F0E85764 RBP: 0x0000000000000005
2203. R8 : 0x00000000FFFFFFFF R9 : 0x000000008210E490 R10: 0x00000000DCE47FA0
2204. R11: 0x0000000082169A58 R12: 0x000000008CAFFC00 R13: 0x0000000000000001
2205. R14: 0x00000000919FE8E0 R15: 0x0000000000000000
2206.  
2207. Memory from 0x00000000F0E85744
2208. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2209. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2210. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2211. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2212. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2213.  
2214. Stack Trace
2215. 0: ZwDelayExecution 0x00000014
2216. 1: SleepEx 0x000000A7
2217. 2: LogHelp_LogAssert 0x00000B13
2218. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
2219. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
2220. 10: DllCanUnloadNowInternal 0x00000BE3
2221. 11: DllCanUnloadNowInternal 0x00000AA3
2222. 12: DllCanUnloadNowInternal 0x000012F5
2223. 13: GetCLRFunction 0x00001406
2224. 14: GetCLRFunction 0x00001266
2225. 15: GetCLRFunction 0x00001116
2226. 16: GetCLRFunction 0x000015C4
2227. 17: GetCLRFunction 0x00001542
2228. 18: CorExeMain 0x00000014
2229. 19: CorExeMain 0x0000006D
2230. 20: CorExeMain 0x000000E4
2231. 21: CorExeMain 0x0000000B
2232. 22: BaseThreadInitThunk 0x00000022
2233. 23: RtlUserThreadStart 0x00000034
2234.  
2235.  
2236.  
2237. ------------------------------
2238. THREAD ID: 0x00000D44
2239. got context
2240. Module path: C:\Windows\SYSTEM32\ntdll.dll
2241. PC: 0x0000000070B387F4 ModuleOffset: 0x00000000F0E887F4
2242. RAX: 0x00000000EA600AE5 RBX: 0x0000000080498080 RCX: 0x0000000000000073
2243. RDX: 0x0000000005DCB715 RDI: 0x0000000080498400 RSI: 0x0000000000000010
2244. RSP: 0x0000000091DFF488 RIP: 0x00000000F0E887F4 RBP: 0x0000000000000000
2245. R8 : 0x00000000000004D4 R9 : 0x00000000000004EE R10: 0x00000000000004BA
2246. R11: 0x00000000EA600AE4 R12: 0x0000000000000000 R13: 0x00000000F0E0E130
2247. R14: 0x00000000F0DE9AF0 R15: 0x0000000080492E10
2248.  
2249. Memory from 0x00000000F0E887D4
2250. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2251. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2252. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2253. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2254. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2255.  
2256. Stack Trace
2257. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
2258. 1: RtlAcquireSRWLockShared 0x00003E28
2259. 2: BaseThreadInitThunk 0x00000022
2260. 3: RtlUserThreadStart 0x00000034
2261.  
2262.  
2263.  
2264. ------------------------------
2265. THREAD ID: 0x00002E54
2266. got context
2267. Module path: C:\Windows\SYSTEM32\ntdll.dll
2268. PC: 0x0000000070B387F4 ModuleOffset: 0x00000000F0E887F4
2269. RAX: 0x0000000000000000 RBX: 0x000000008049ABF0 RCX: 0x00000000EA35F142
2270. RDX: 0x00000000EA2E0000 RDI: 0x000000008049AF70 RSI: 0x0000000000000010
2271. RSP: 0x00000000921FF398 RIP: 0x00000000F0E887F4 RBP: 0x0000000000000000
2272. R8 : 0x00000000921FEAF0 R9 : 0x000000000000006C R10: 0x00000000921FECA4
2273. R11: 0x00000000921FE950 R12: 0x0000000000000000 R13: 0x00000000F0E0E130
2274. R14: 0x00000000F0DE9AF0 R15: 0x0000000080492E10
2275.  
2276. Memory from 0x00000000F0E887D4
2277. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2278. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2279. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2280. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2281. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2282.  
2283. Stack Trace
2284. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
2285. 1: RtlAcquireSRWLockShared 0x00003E28
2286. 2: BaseThreadInitThunk 0x00000022
2287. 3: RtlUserThreadStart 0x00000034
2288.  
2289.  
2290.  
2291. ------------------------------
2292. THREAD ID: 0x000019B0
2293. got context
2294. Module path: C:\Windows\SYSTEM32\ntdll.dll
2295. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
2296. RAX: 0x0000000000000000 RBX: 0x0000000000000003 RCX: 0x00000000DFCBD820
2297. RDX: 0x0000000000000000 RDI: 0x0000000000000003 RSI: 0x0000000000000000
2298. RSP: 0x00000000925FF828 RIP: 0x00000000F0E85C34 RBP: 0x00000000925FFB89
2299. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
2300. R11: 0x0000000000000000 R12: 0x00000000FFFFFFFF R13: 0x00000000925FFB90
2301. R14: 0x0000000000000000 R15: 0x0000000000000000
2302.  
2303. Memory from 0x00000000F0E85C14
2304. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2305. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2306. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2307. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2308. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2309.  
2310. Stack Trace
2311. 0: ZwWaitForMultipleObjects 0x00000014
2312. 1: WaitForMultipleObjectsEx 0x000000EF
2313. 2: InitializeFusion 0x00004832
2314. 3: InitializeFusion 0x0000475D
2315. 4: InitializeFusion 0x00004670
2316. 5: BaseThreadInitThunk 0x00000022
2317. 6: RtlUserThreadStart 0x00000034
2318.  
2319.  
2320.  
2321. ------------------------------
2322. THREAD ID: 0x000021E4
2323. got context
2324. Module path: C:\Windows\SYSTEM32\ntdll.dll
2325. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
2326. RAX: 0x00000000FFFFFFFF RBX: 0x0000000000000003 RCX: 0x0000000000000004
2327. RDX: 0x0000000000000005 RDI: 0x0000000000000003 RSI: 0x0000000000000000
2328. RSP: 0x00000000929FF0B8 RIP: 0x00000000F0E85C34 RBP: 0x0000000000000001
2329. R8 : 0x00000000929FF330 R9 : 0x00000000804ADF90 R10: 0x0000000000000000
2330. R11: 0x00000000929FF3A0 R12: 0x00000000FFFFFFFF R13: 0x00000000E0501530
2331. R14: 0x0000000000000000 R15: 0x0000000000000000
2332.  
2333. Memory from 0x00000000F0E85C14
2334. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2335. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2336. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2337. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2338. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2339.  
2340. Stack Trace
2341. 0: ZwWaitForMultipleObjects 0x00000014
2342. 1: WaitForMultipleObjectsEx 0x000000EF
2343. 2: GetMetaDataPublicInterfaceFromInternal 0x0004890A
2344. 3: GetMetaDataPublicInterfaceFromInternal 0x000354A4
2345. 4: DllCanUnloadNowInternal 0x000019A9
2346. 5: DllCanUnloadNowInternal 0x00001924
2347. 6: DllCanUnloadNowInternal 0x00001862
2348. 7: GetCLRFunction 0x000007EA
2349. 8: InstallCustomModule 0x00001C7F
2350. 9: BaseThreadInitThunk 0x00000022
2351. 10: RtlUserThreadStart 0x00000034
2352.  
2353.  
2354.  
2355. ------------------------------
2356. THREAD ID: 0x0000185C
2357. got context
2358. Module path: C:\Windows\SYSTEM32\ntdll.dll
2359. PC: 0x0000000070B387F4 ModuleOffset: 0x00000000F0E887F4
2360. RAX: 0x00000000ECFC4D03 RBX: 0x000000008049A850 RCX: 0x0000000000000000
2361. RDX: 0x0000000003F520A0 RDI: 0x000000008049ABD0 RSI: 0x0000000000000010
2362. RSP: 0x0000000092DFF5D8 RIP: 0x00000000F0E887F4 RBP: 0x0000000000000000
2363. R8 : 0x00000000000002DF R9 : 0x00000000000002E0 R10: 0x00000000000002DE
2364. R11: 0x00000000ECFC4CF2 R12: 0x0000000000000000 R13: 0x00000000F0E0E130
2365. R14: 0x00000000F0DE9AF0 R15: 0x0000000080492E10
2366.  
2367. Memory from 0x00000000F0E887D4
2368. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2369. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2370. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2371. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2372. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2373.  
2374. Stack Trace
2375. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
2376. 1: RtlAcquireSRWLockShared 0x00003E28
2377. 2: BaseThreadInitThunk 0x00000022
2378. 3: RtlUserThreadStart 0x00000034
2379.  
2380.  
2381.  
2382. ------------------------------
2383. THREAD ID: 0x00000344
2384. got context
2385. Module path: C:\Windows\SYSTEM32\ntdll.dll
2386. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
2387. RAX: 0x00000000FFF0BDC0 RBX: 0x0000000000000000 RCX: 0x00000000000003FC
2388. RDX: 0x0000000000000000 RDI: 0x00000000000003FC RSI: 0x0000000000000064
2389. RSP: 0x00000000941FFD08 RIP: 0x00000000F0E85164 RBP: 0x0000000000000064
2390. R8 : 0x00000000941FFD38 R9 : 0x0000000000000064 R10: 0x0000000000000000
2391. R11: 0x00000000941FFDA8 R12: 0x0000000000000000 R13: 0x0000000066F8B560
2392. R14: 0x00000000941FFD38 R15: 0x0000000000000000
2393.  
2394. Memory from 0x00000000F0E85144
2395. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2396. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2397. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2398. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2399. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2400.  
2401. Stack Trace
2402. 0: NtWaitForSingleObject 0x00000014
2403. 1: WaitForSingleObjectEx 0x0000008F
2404. 2: DrvValidateVersion 0x00009E7A
2405. 5: DrvValidateVersion 0x0000AA8B
2406. 6: BaseThreadInitThunk 0x00000022
2407. 7: RtlUserThreadStart 0x00000034
2408.  
2409.  
2410.  
2411. ------------------------------
2412. THREAD ID: 0x00001DA8
2413. got context
2414. Module path: C:\Windows\SYSTEM32\ntdll.dll
2415. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
2416. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000B0A0A09C
2417. RDX: 0x000000009ABB0A40 RDI: 0x0000000000000420 RSI: 0x00000000FFFFFFFF
2418. RSP: 0x00000000949FF718 RIP: 0x00000000F0E85164 RBP: 0x000000009B6EDB68
2419. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
2420. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x0000000000000000
2421. R14: 0x0000000000000000 R15: 0x0000000000000000
2422.  
2423. Memory from 0x00000000F0E85144
2424. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2425. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2426. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2427. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2428. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2429.  
2430. Stack Trace
2431. 0: NtWaitForSingleObject 0x00000014
2432. 1: WaitForSingleObjectEx 0x0000008F
2433. 2: glIsTextureEXT 0x0022990A
2434. 3: glIsTextureEXT 0x0022B2C0
2435. 4: glIsTextureEXT 0x00229756
2436. 5: wglRealizeLayerPalette 0x00B1A333
2437. 6: wglRealizeLayerPalette 0x00B1A57E
2438. 7: BaseThreadInitThunk 0x00000022
2439. 8: RtlUserThreadStart 0x00000034
2440.  
2441.  
2442.  
2443. ------------------------------
2444. THREAD ID: 0x0000234C
2445. got context
2446. Module path: C:\Windows\SYSTEM32\ntdll.dll
2447. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
2448. RAX: 0x00000000B0F4B590 RBX: 0x0000000000000000 RCX: 0x00000000B0D63760
2449. RDX: 0x000000000000006C RDI: 0x0000000000000440 RSI: 0x00000000FFFFFFFF
2450. RSP: 0x0000000094DFFCA8 RIP: 0x00000000F0E85164 RBP: 0x000000009B6EDCF8
2451. R8 : 0x00000000FFFFFFFF R9 : 0x00000000AFAA0000 R10: 0x0000000000000000
2452. R11: 0x0000000000000200 R12: 0x0000000000000000 R13: 0x0000000000000000
2453. R14: 0x0000000000000000 R15: 0x0000000000000000
2454.  
2455. Memory from 0x00000000F0E85144
2456. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2457. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2458. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2459. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2460. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2461.  
2462. Stack Trace
2463. 0: NtWaitForSingleObject 0x00000014
2464. 1: WaitForSingleObjectEx 0x0000008F
2465. 2: glIsTextureEXT 0x0022990A
2466. 3: glIsTextureEXT 0x0022B2C0
2467. 4: glIsTextureEXT 0x00229756
2468. 5: wglRealizeLayerPalette 0x00B1A333
2469. 6: wglRealizeLayerPalette 0x00B1A57E
2470. 7: BaseThreadInitThunk 0x00000022
2471. 8: RtlUserThreadStart 0x00000034
2472.  
2473.  
2474.  
2475. ------------------------------
2476. THREAD ID: 0x0000370C
2477. got context
2478. Module path: C:\Windows\SYSTEM32\ntdll.dll
2479. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
2480. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000B0A0A09C
2481. RDX: 0x000000009ABB17F0 RDI: 0x0000000000000454 RSI: 0x00000000FFFFFFFF
2482. RSP: 0x00000000951FF928 RIP: 0x00000000F0E85164 RBP: 0x000000009B6EDE88
2483. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
2484. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x0000000000000000
2485. R14: 0x0000000000000000 R15: 0x0000000000000000
2486.  
2487. Memory from 0x00000000F0E85144
2488. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2489. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2490. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2491. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2492. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2493.  
2494. Stack Trace
2495. 0: NtWaitForSingleObject 0x00000014
2496. 1: WaitForSingleObjectEx 0x0000008F
2497. 2: glIsTextureEXT 0x0022990A
2498. 3: glIsTextureEXT 0x0022B2C0
2499. 4: glIsTextureEXT 0x00229756
2500. 5: wglRealizeLayerPalette 0x00B1A333
2501. 6: wglRealizeLayerPalette 0x00B1A57E
2502. 7: BaseThreadInitThunk 0x00000022
2503. 8: RtlUserThreadStart 0x00000034
2504.  
2505.  
2506.  
2507. ------------------------------
2508. THREAD ID: 0x00003908
2509. got context
2510. Module path: C:\Windows\SYSTEM32\ntdll.dll
2511. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
2512. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000B0A0A09C
2513. RDX: 0x000000009ABB1C80 RDI: 0x0000000000000468 RSI: 0x00000000FFFFFFFF
2514. RSP: 0x00000000955FFBB8 RIP: 0x00000000F0E85164 RBP: 0x000000009B6EE018
2515. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
2516. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x0000000000000000
2517. R14: 0x0000000000000000 R15: 0x0000000000000000
2518.  
2519. Memory from 0x00000000F0E85144
2520. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2521. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2522. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2523. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2524. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2525.  
2526. Stack Trace
2527. 0: NtWaitForSingleObject 0x00000014
2528. 1: WaitForSingleObjectEx 0x0000008F
2529. 2: glIsTextureEXT 0x0022990A
2530. 3: glIsTextureEXT 0x0022B2C0
2531. 4: glIsTextureEXT 0x00229756
2532. 5: wglRealizeLayerPalette 0x00B1A333
2533. 6: wglRealizeLayerPalette 0x00B1A57E
2534. 7: BaseThreadInitThunk 0x00000022
2535. 8: RtlUserThreadStart 0x00000034
2536.  
2537.  
2538.  
2539. ------------------------------
2540. THREAD ID: 0x00001B5C
2541. got context
2542. Module path: C:\Windows\SYSTEM32\ntdll.dll
2543. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
2544. RAX: 0x0000000000190000 RBX: 0x0000000000000001 RCX: 0x0000000000000014
2545. RDX: 0x0000000000000106 RDI: 0x0000000000000538 RSI: 0x00000000FFFFFFFF
2546. RSP: 0x00000000959FFAE8 RIP: 0x00000000F0E85164 RBP: 0x0000000000000000
2547. R8 : 0x0000000000000001 R9 : 0x000000009B5E0000 R10: 0x0000000000000000
2548. R11: 0x0000000080490150 R12: 0x0000000000000000 R13: 0x0000000000000000
2549. R14: 0x0000000000000000 R15: 0x0000000000000000
2550.  
2551. Memory from 0x00000000F0E85144
2552. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2553. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2554. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2555. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2556. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2557.  
2558. Stack Trace
2559. 0: NtWaitForSingleObject 0x00000014
2560. 1: WaitForSingleObjectEx 0x0000008F
2561. 2: RasSignalMonitorThreadExit 0x00000316
2562. 3: BaseThreadInitThunk 0x00000022
2563. 4: RtlUserThreadStart 0x00000034
2564.  
2565.  
2566.  
2567. ------------------------------
2568. THREAD ID: 0x00001F24
2569. got context
2570. Module path: C:\Windows\SYSTEM32\ntdll.dll
2571. PC: 0x0000000070B387F4 ModuleOffset: 0x00000000F0E887F4
2572. RAX: 0x0000000000000001 RBX: 0x000000008049A110 RCX: 0x00000000000104B4
2573. RDX: 0x0000000000008013 RDI: 0x000000008049A490 RSI: 0x0000000000000010
2574. RSP: 0x0000000095DFFB08 RIP: 0x00000000F0E887F4 RBP: 0x0000000000000000
2575. R8 : 0x0000000095DFF4A0 R9 : 0x0000000000000000 R10: 0x0000000000000000
2576. R11: 0x0000000095DFF4B4 R12: 0x0000000000000000 R13: 0x00000000F0E0E130
2577. R14: 0x00000000F0DE9AF0 R15: 0x0000000080493FE0
2578.  
2579. Memory from 0x00000000F0E887D4
2580. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2581. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2582. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2583. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2584. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2585.  
2586. Stack Trace
2587. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
2588. 1: RtlAcquireSRWLockShared 0x00003E28
2589. 2: BaseThreadInitThunk 0x00000022
2590. 3: RtlUserThreadStart 0x00000034
2591.  
2592.  
2593.  
2594. ------------------------------
2595. THREAD ID: 0x000014A0
2596. got context
2597. Module path: C:\Windows\SYSTEM32\ntdll.dll
2598. PC: 0x0000000070B36D54 ModuleOffset: 0x00000000F0E86D54
2599. RAX: 0x00000000000008EE RBX: 0x0000000000000001 RCX: 0x000000000000FA2C
2600. RDX: 0x000000009A8E0000 RDI: 0x0000000000000FD0 RSI: 0x0000000000001268
2601. RSP: 0x00000000961FDF38 RIP: 0x00000000F0E86D54 RBP: 0x00000000000024E0
2602. R8 : 0x00000000000008ED R9 : 0x00000000000024E0 R10: 0x0000000000000000
2603. R11: 0x0000000000000246 R12: 0x00000000DA431A20 R13: 0x0000000000000001
2604. R14: 0x00000000961FE6C0 R15: 0x00000000FFFFFFFF
2605.  
2606. Memory from 0x00000000F0E86D34
2607. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2608. E4 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2609. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2610. E5 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2611. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2612.  
2613. Stack Trace
2614. 0: NtGetContextThread 0x00000014
2615.  
2616.  
2617.  
2618. ------------------------------
2619. THREAD ID: 0x00002C20
2620. got context
2621. Module path: C:\Windows\SYSTEM32\ntdll.dll
2622. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
2623. RAX: 0x0000000091531758 RBX: 0x0000000000000001 RCX: 0x000000009B7436D0
2624. RDX: 0x00000000F0D20C70 RDI: 0x0000000000000001 RSI: 0x0000000000000000
2625. RSP: 0x00000000965FF1F8 RIP: 0x00000000F0E85C34 RBP: 0x00000000000005EC
2626. R8 : 0x0000000000000097 R9 : 0x0000000000000000 R10: 0x0000000000000000
2627. R11: 0x000000009B749EC0 R12: 0x00000000FFFFFFFF R13: 0x00000000965FF550
2628. R14: 0x0000000000000000 R15: 0x0000000000000000
2629.  
2630. Memory from 0x00000000F0E85C14
2631. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2632. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2633. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2634. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2635. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2636.  
2637. Stack Trace
2638. 0: ZwWaitForMultipleObjects 0x00000014
2639. 1: WaitForMultipleObjectsEx 0x000000EF
2640. 2: RoGetActivationFactory 0x0000FE0F
2641. 3: InternalReleaseMarshalObjRef 0x00000BD8
2642. 4: RoGetActivationFactory 0x0000FCD7
2643. 5: InternalReleaseMarshalObjRef 0x000014CC
2644. 6: BaseThreadInitThunk 0x00000022
2645. 7: RtlUserThreadStart 0x00000034
2646.  
2647.  
2648.  
2649. ------------------------------
2650. THREAD ID: 0x000014FC
2651. got context
2652. Module path: C:\Windows\SYSTEM32\ntdll.dll
2653. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
2654. RAX: 0x00000000000000C0 RBX: 0x0000000000000002 RCX: 0x0000000000000000
2655. RDX: 0x0000000000000000 RDI: 0x0000000000000002 RSI: 0x0000000000000001
2656. RSP: 0x000000009126FBE8 RIP: 0x00000000F0E85C34 RBP: 0x0000000000000000
2657. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
2658. R11: 0x0000000000000000 R12: 0x00000000FFFFFFFF R13: 0x000000009B751F18
2659. R14: 0x0000000000000000 R15: 0x0000000000000000
2660.  
2661. Memory from 0x00000000F0E85C14
2662. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2663. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2664. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2665. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2666. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2667.  
2668. Stack Trace
2669. 0: ZwWaitForMultipleObjects 0x00000014
2670. 1: WaitForMultipleObjectsEx 0x000000EF
2671. 2: CreateAssemblyNameObject 0x00057D94
2672. 3: BaseThreadInitThunk 0x00000022
2673. 4: RtlUserThreadStart 0x00000034
2674.  
2675.  
2676.  
2677. ------------------------------
2678. THREAD ID: 0x00002A30
2679. got context
2680. Module path: C:\Windows\SYSTEM32\ntdll.dll
2681. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
2682. RAX: 0x000000008B4071C8 RBX: 0x0000000000000001 RCX: 0x00000000969FEE48
2683. RDX: 0x000000008B4071C8 RDI: 0x0000000000000001 RSI: 0x0000000000000001
2684. RSP: 0x00000000969FEA78 RIP: 0x00000000F0E85C34 RBP: 0x00000000969FEE89
2685. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
2686. R11: 0x00000000DCAC82D0 R12: 0x00000000FFFFFFFF R13: 0x00000000969FEFD0
2687. R14: 0x0000000000000000 R15: 0x0000000000000001
2688.  
2689. Memory from 0x00000000F0E85C14
2690. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2691. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2692. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2693. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2694. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2695.  
2696. Stack Trace
2697. 0: ZwWaitForMultipleObjects 0x00000014
2698. 1: WaitForMultipleObjectsEx 0x000000EF
2699. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
2700. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
2701. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
2702. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
2703. 13: DllCanUnloadNowInternal 0x00000BE3
2704. 14: DllCanUnloadNowInternal 0x00000AA3
2705. 15: DllCanUnloadNowInternal 0x000012F5
2706. 16: GetPrivateContextsPerfCounters 0x00007B79
2707. 17: DllCanUnloadNowInternal 0x000019A9
2708. 18: DllCanUnloadNowInternal 0x00001924
2709. 19: DllCanUnloadNowInternal 0x00001862
2710. 20: DllCanUnloadNowInternal 0x000019E3
2711. 21: GetPrivateContextsPerfCounters 0x00007A5B
2712. 22: InstallCustomModule 0x00001C7F
2713. 23: BaseThreadInitThunk 0x00000022
2714. 24: RtlUserThreadStart 0x00000034
2715.  
2716.  
2717.  
2718. ------------------------------
2719. THREAD ID: 0x00003990
2720. got context
2721. Module path: C:\Windows\SYSTEM32\ntdll.dll
2722. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
2723. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000001E40
2724. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
2725. RSP: 0x0000000096DFE6F8 RIP: 0x00000000F0E85C34 RBP: 0x0000000096DFEB09
2726. R8 : 0x0000000000015938 R9 : 0x0000000000000000 R10: 0x00000000E0508528
2727. R11: 0x00000000928B6508 R12: 0x00000000FFFFFFFF R13: 0x0000000096DFEC50
2728. R14: 0x0000000000000000 R15: 0x0000000000000001
2729.  
2730. Memory from 0x00000000F0E85C14
2731. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2732. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2733. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2734. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2735. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2736.  
2737. Stack Trace
2738. 0: ZwWaitForMultipleObjects 0x00000014
2739. 1: WaitForMultipleObjectsEx 0x000000EF
2740. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
2741. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
2742. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
2743. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
2744. 13: DllCanUnloadNowInternal 0x00000BE3
2745. 14: DllCanUnloadNowInternal 0x00000AA3
2746. 15: DllCanUnloadNowInternal 0x000012F5
2747. 16: GetPrivateContextsPerfCounters 0x00007B79
2748. 17: DllCanUnloadNowInternal 0x000019A9
2749. 18: DllCanUnloadNowInternal 0x00001924
2750. 19: DllCanUnloadNowInternal 0x00001862
2751. 20: DllCanUnloadNowInternal 0x000019E3
2752. 21: GetPrivateContextsPerfCounters 0x00007A5B
2753. 22: InstallCustomModule 0x00001C7F
2754. 23: BaseThreadInitThunk 0x00000022
2755. 24: RtlUserThreadStart 0x00000034
2756.  
2757.  
2758.  
2759. ------------------------------
2760. THREAD ID: 0x00002704
2761. got context
2762. Module path: C:\Windows\SYSTEM32\ntdll.dll
2763. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
2764. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x00000000971FEE28
2765. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
2766. RSP: 0x00000000971FEA68 RIP: 0x00000000F0E85C34 RBP: 0x00000000971FEE79
2767. R8 : 0x00000000971FEC10 R9 : 0x0000000000000000 R10: 0x0000000000000000
2768. R11: 0x00000000DCAC82D0 R12: 0x00000000FFFFFFFF R13: 0x00000000971FEFC0
2769. R14: 0x0000000000000000 R15: 0x0000000000000001
2770.  
2771. Memory from 0x00000000F0E85C14
2772. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2773. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2774. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2775. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2776. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2777.  
2778. Stack Trace
2779. 0: ZwWaitForMultipleObjects 0x00000014
2780. 1: WaitForMultipleObjectsEx 0x000000EF
2781. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
2782. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
2783. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
2784. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
2785. 13: DllCanUnloadNowInternal 0x00000BE3
2786. 14: DllCanUnloadNowInternal 0x00000AA3
2787. 15: DllCanUnloadNowInternal 0x000012F5
2788. 16: GetPrivateContextsPerfCounters 0x00007B79
2789. 17: DllCanUnloadNowInternal 0x000019A9
2790. 18: DllCanUnloadNowInternal 0x00001924
2791. 19: DllCanUnloadNowInternal 0x00001862
2792. 20: DllCanUnloadNowInternal 0x000019E3
2793. 21: GetPrivateContextsPerfCounters 0x00007A5B
2794. 22: InstallCustomModule 0x00001C7F
2795. 23: BaseThreadInitThunk 0x00000022
2796. 24: RtlUserThreadStart 0x00000034
2797.  
2798.  
2799.  
2800. ------------------------------
2801. THREAD ID: 0x00002650
2802. got context
2803. Module path: C:\Windows\SYSTEM32\ntdll.dll
2804. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
2805. RAX: 0x000000000000115C RBX: 0x0000000000000001 RCX: 0x000000000002B220
2806. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
2807. RSP: 0x00000000975FE638 RIP: 0x00000000F0E85C34 RBP: 0x00000000975FEA49
2808. R8 : 0x0000000000000001 R9 : 0x0000000000000000 R10: 0x000000000001AB26
2809. R11: 0x000000009B79DEF0 R12: 0x00000000FFFFFFFF R13: 0x00000000975FEB90
2810. R14: 0x0000000000000000 R15: 0x0000000000000001
2811.  
2812. Memory from 0x00000000F0E85C14
2813. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2814. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2815. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2816. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2817. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2818.  
2819. Stack Trace
2820. 0: ZwWaitForMultipleObjects 0x00000014
2821. 1: WaitForMultipleObjectsEx 0x000000EF
2822. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
2823. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
2824. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
2825. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
2826. 13: DllCanUnloadNowInternal 0x00000BE3
2827. 14: DllCanUnloadNowInternal 0x00000AA3
2828. 15: DllCanUnloadNowInternal 0x000012F5
2829. 16: GetPrivateContextsPerfCounters 0x00007B79
2830. 17: DllCanUnloadNowInternal 0x000019A9
2831. 18: DllCanUnloadNowInternal 0x00001924
2832. 19: DllCanUnloadNowInternal 0x00001862
2833. 20: DllCanUnloadNowInternal 0x000019E3
2834. 21: GetPrivateContextsPerfCounters 0x00007A5B
2835. 22: InstallCustomModule 0x00001C7F
2836. 23: BaseThreadInitThunk 0x00000022
2837. 24: RtlUserThreadStart 0x00000034
2838.  
2839.  
2840.  
2841. ------------------------------
2842. THREAD ID: 0x00003668
2843. got context
2844. Module path: C:\Windows\SYSTEM32\ntdll.dll
2845. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
2846. RAX: 0x000000004274BFA0 RBX: 0x0000000000000001 RCX: 0x00000000579167F7
2847. RDX: 0x000000008B3FBA80 RDI: 0x0000000000000001 RSI: 0x0000000000000001
2848. RSP: 0x00000000979FE7D8 RIP: 0x00000000F0E85C34 RBP: 0x00000000979FEBE9
2849. R8 : 0x00000000979FE980 R9 : 0x0000000000000000 R10: 0x000000008B3FCF08
2850. R11: 0x000000009B79E8D0 R12: 0x00000000FFFFFFFF R13: 0x00000000979FED30
2851. R14: 0x0000000000000000 R15: 0x0000000000000001
2852.  
2853. Memory from 0x00000000F0E85C14
2854. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2855. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2856. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2857. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2858. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2859.  
2860. Stack Trace
2861. 0: ZwWaitForMultipleObjects 0x00000014
2862. 1: WaitForMultipleObjectsEx 0x000000EF
2863. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
2864. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
2865. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
2866. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
2867. 13: DllCanUnloadNowInternal 0x00000BE3
2868. 14: DllCanUnloadNowInternal 0x00000AA3
2869. 15: DllCanUnloadNowInternal 0x000012F5
2870. 16: GetPrivateContextsPerfCounters 0x00007B79
2871. 17: DllCanUnloadNowInternal 0x000019A9
2872. 18: DllCanUnloadNowInternal 0x00001924
2873. 19: DllCanUnloadNowInternal 0x00001862
2874. 20: DllCanUnloadNowInternal 0x000019E3
2875. 21: GetPrivateContextsPerfCounters 0x00007A5B
2876. 22: InstallCustomModule 0x00001C7F
2877. 23: BaseThreadInitThunk 0x00000022
2878. 24: RtlUserThreadStart 0x00000034
2879.  
2880.  
2881.  
2882. ------------------------------
2883. THREAD ID: 0x00001B84
2884. got context
2885. Module path: C:\Windows\SYSTEM32\ntdll.dll
2886. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
2887. RAX: 0x00000000000027DB RBX: 0x0000000000000001 RCX: 0x000000008B5DE880
2888. RDX: 0x0000000000000027 RDI: 0x0000000000000001 RSI: 0x0000000000000001
2889. RSP: 0x0000000097DFE778 RIP: 0x00000000F0E85C34 RBP: 0x0000000097DFEB89
2890. R8 : 0x000000008B5DE87C R9 : 0x0000000000000000 R10: 0x0000000000002F76
2891. R11: 0x000000009ABD6FB0 R12: 0x00000000FFFFFFFF R13: 0x0000000097DFECD0
2892. R14: 0x0000000000000000 R15: 0x0000000000000001
2893.  
2894. Memory from 0x00000000F0E85C14
2895. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2896. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2897. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2898. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2899. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2900.  
2901. Stack Trace
2902. 0: ZwWaitForMultipleObjects 0x00000014
2903. 1: WaitForMultipleObjectsEx 0x000000EF
2904. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
2905. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
2906. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
2907. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
2908. 13: DllCanUnloadNowInternal 0x00000BE3
2909. 14: DllCanUnloadNowInternal 0x00000AA3
2910. 15: DllCanUnloadNowInternal 0x000012F5
2911. 16: GetPrivateContextsPerfCounters 0x00007B79
2912. 17: DllCanUnloadNowInternal 0x000019A9
2913. 18: DllCanUnloadNowInternal 0x00001924
2914. 19: DllCanUnloadNowInternal 0x00001862
2915. 20: DllCanUnloadNowInternal 0x000019E3
2916. 21: GetPrivateContextsPerfCounters 0x00007A5B
2917. 22: InstallCustomModule 0x00001C7F
2918. 23: BaseThreadInitThunk 0x00000022
2919. 24: RtlUserThreadStart 0x00000034
2920.  
2921.  
2922.  
2923. ------------------------------
2924. THREAD ID: 0x000023F4
2925. got context
2926. Module path: C:\Windows\SYSTEM32\ntdll.dll
2927. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
2928. RAX: 0x0000000000000001 RBX: 0x0000000000000001 RCX: 0x0000000000000000
2929. RDX: 0x0000000000000002 RDI: 0x0000000000000001 RSI: 0x0000000000000001
2930. RSP: 0x00000000981FE858 RIP: 0x00000000F0E85C34 RBP: 0x00000000981FEC69
2931. R8 : 0x0000000000000000 R9 : 0x0000000000000007 R10: 0x0000000000000024
2932. R11: 0x00000000981FE880 R12: 0x00000000FFFFFFFF R13: 0x00000000981FEDB0
2933. R14: 0x0000000000000000 R15: 0x0000000000000001
2934.  
2935. Memory from 0x00000000F0E85C14
2936. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2937. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2938. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2939. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2940. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2941.  
2942. Stack Trace
2943. 0: ZwWaitForMultipleObjects 0x00000014
2944. 1: WaitForMultipleObjectsEx 0x000000EF
2945. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
2946. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
2947. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
2948. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
2949. 13: DllCanUnloadNowInternal 0x00000BE3
2950. 14: DllCanUnloadNowInternal 0x00000AA3
2951. 15: DllCanUnloadNowInternal 0x000012F5
2952. 16: GetPrivateContextsPerfCounters 0x00007B79
2953. 17: DllCanUnloadNowInternal 0x000019A9
2954. 18: DllCanUnloadNowInternal 0x00001924
2955. 19: DllCanUnloadNowInternal 0x00001862
2956. 20: DllCanUnloadNowInternal 0x000019E3
2957. 21: GetPrivateContextsPerfCounters 0x00007A5B
2958. 22: InstallCustomModule 0x00001C7F
2959. 23: BaseThreadInitThunk 0x00000022
2960. 24: RtlUserThreadStart 0x00000034
2961.  
2962.  
2963.  
2964. ------------------------------
2965. THREAD ID: 0x00000558
2966. got context
2967. Module path: C:\Windows\SYSTEM32\ntdll.dll
2968. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
2969. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000001860
2970. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
2971. RSP: 0x00000000985FEA68 RIP: 0x00000000F0E85C34 RBP: 0x00000000985FEE79
2972. R8 : 0x0000000000015508 R9 : 0x0000000000000000 R10: 0x00000000E0508528
2973. R11: 0x0000000093684358 R12: 0x00000000FFFFFFFF R13: 0x00000000985FEFC0
2974. R14: 0x0000000000000000 R15: 0x0000000000000001
2975.  
2976. Memory from 0x00000000F0E85C14
2977. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2978. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2979. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2980. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
2981. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
2982.  
2983. Stack Trace
2984. 0: ZwWaitForMultipleObjects 0x00000014
2985. 1: WaitForMultipleObjectsEx 0x000000EF
2986. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
2987. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
2988. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
2989. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
2990. 13: DllCanUnloadNowInternal 0x00000BE3
2991. 14: DllCanUnloadNowInternal 0x00000AA3
2992. 15: DllCanUnloadNowInternal 0x000012F5
2993. 16: GetPrivateContextsPerfCounters 0x00007B79
2994. 17: DllCanUnloadNowInternal 0x000019A9
2995. 18: DllCanUnloadNowInternal 0x00001924
2996. 19: DllCanUnloadNowInternal 0x00001862
2997. 20: DllCanUnloadNowInternal 0x000019E3
2998. 21: GetPrivateContextsPerfCounters 0x00007A5B
2999. 22: InstallCustomModule 0x00001C7F
3000. 23: BaseThreadInitThunk 0x00000022
3001. 24: RtlUserThreadStart 0x00000034
3002.  
3003.  
3004.  
3005. ------------------------------
3006. THREAD ID: 0x00002C50
3007. got context
3008. Module path: C:\Windows\SYSTEM32\ntdll.dll
3009. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
3010. RAX: 0x00000000BEF7BE40 RBX: 0x0000000000000001 RCX: 0x000000008B826200
3011. RDX: 0x000000008B8261D0 RDI: 0x0000000000000001 RSI: 0x0000000000000001
3012. RSP: 0x00000000989FE898 RIP: 0x00000000F0E85C34 RBP: 0x00000000989FECA9
3013. R8 : 0x000000008B826120 R9 : 0x000000008B826180 R10: 0x0000000000000001
3014. R11: 0x00000000DCAC72D8 R12: 0x00000000FFFFFFFF R13: 0x00000000989FEDF0
3015. R14: 0x0000000000000000 R15: 0x0000000000000001
3016.  
3017. Memory from 0x00000000F0E85C14
3018. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3019. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3020. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3021. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3022. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3023.  
3024. Stack Trace
3025. 0: ZwWaitForMultipleObjects 0x00000014
3026. 1: WaitForMultipleObjectsEx 0x000000EF
3027. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
3028. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
3029. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
3030. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
3031. 13: DllCanUnloadNowInternal 0x00000BE3
3032. 14: DllCanUnloadNowInternal 0x00000AA3
3033. 15: DllCanUnloadNowInternal 0x000012F5
3034. 16: GetPrivateContextsPerfCounters 0x00007B79
3035. 17: DllCanUnloadNowInternal 0x000019A9
3036. 18: DllCanUnloadNowInternal 0x00001924
3037. 19: DllCanUnloadNowInternal 0x00001862
3038. 20: DllCanUnloadNowInternal 0x000019E3
3039. 21: GetPrivateContextsPerfCounters 0x00007A5B
3040. 22: InstallCustomModule 0x00001C7F
3041. 23: BaseThreadInitThunk 0x00000022
3042. 24: RtlUserThreadStart 0x00000034
3043.  
3044.  
3045.  
3046. ------------------------------
3047. THREAD ID: 0x000022A8
3048. got context
3049. Module path: C:\Windows\SYSTEM32\ntdll.dll
3050. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
3051. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000001448
3052. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
3053. RSP: 0x0000000098DFE708 RIP: 0x00000000F0E85C34 RBP: 0x0000000098DFEB19
3054. R8 : 0x00000000000158B8 R9 : 0x0000000000000000 R10: 0x00000000E0508528
3055. R11: 0x00000000937EEB90 R12: 0x00000000FFFFFFFF R13: 0x0000000098DFEC60
3056. R14: 0x0000000000000000 R15: 0x0000000000000001
3057.  
3058. Memory from 0x00000000F0E85C14
3059. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3060. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3061. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3062. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3063. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3064.  
3065. Stack Trace
3066. 0: ZwWaitForMultipleObjects 0x00000014
3067. 1: WaitForMultipleObjectsEx 0x000000EF
3068. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
3069. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
3070. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
3071. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
3072. 13: DllCanUnloadNowInternal 0x00000BE3
3073. 14: DllCanUnloadNowInternal 0x00000AA3
3074. 15: DllCanUnloadNowInternal 0x000012F5
3075. 16: GetPrivateContextsPerfCounters 0x00007B79
3076. 17: DllCanUnloadNowInternal 0x000019A9
3077. 18: DllCanUnloadNowInternal 0x00001924
3078. 19: DllCanUnloadNowInternal 0x00001862
3079. 20: DllCanUnloadNowInternal 0x000019E3
3080. 21: GetPrivateContextsPerfCounters 0x00007A5B
3081. 22: InstallCustomModule 0x00001C7F
3082. 23: BaseThreadInitThunk 0x00000022
3083. 24: RtlUserThreadStart 0x00000034
3084.  
3085.  
3086.  
3087. ------------------------------
3088. THREAD ID: 0x000034E8
3089. got context
3090. Module path: C:\Windows\SYSTEM32\ntdll.dll
3091. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
3092. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x00000000000014E8
3093. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
3094. RSP: 0x00000000991FE128 RIP: 0x00000000F0E85C34 RBP: 0x00000000991FE539
3095. R8 : 0x0000000000015510 R9 : 0x0000000000000000 R10: 0x00000000E0508528
3096. R11: 0x00000000928A0FD8 R12: 0x00000000FFFFFFFF R13: 0x00000000991FE680
3097. R14: 0x0000000000000000 R15: 0x0000000000000001
3098.  
3099. Memory from 0x00000000F0E85C14
3100. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3101. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3102. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3103. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3104. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3105.  
3106. Stack Trace
3107. 0: ZwWaitForMultipleObjects 0x00000014
3108. 1: WaitForMultipleObjectsEx 0x000000EF
3109. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
3110. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
3111. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
3112. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
3113. 13: DllCanUnloadNowInternal 0x00000BE3
3114. 14: DllCanUnloadNowInternal 0x00000AA3
3115. 15: DllCanUnloadNowInternal 0x000012F5
3116. 16: GetPrivateContextsPerfCounters 0x00007B79
3117. 17: DllCanUnloadNowInternal 0x000019A9
3118. 18: DllCanUnloadNowInternal 0x00001924
3119. 19: DllCanUnloadNowInternal 0x00001862
3120. 20: DllCanUnloadNowInternal 0x000019E3
3121. 21: GetPrivateContextsPerfCounters 0x00007A5B
3122. 22: InstallCustomModule 0x00001C7F
3123. 23: BaseThreadInitThunk 0x00000022
3124. 24: RtlUserThreadStart 0x00000034
3125.  
3126.  
3127.  
3128. ------------------------------
3129. THREAD ID: 0x00002D20
3130. got context
3131. Module path: C:\Windows\SYSTEM32\ntdll.dll
3132. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
3133. RAX: 0x000000008B706D68 RBX: 0x0000000000000001 RCX: 0x00000000BEFD5C50
3134. RDX: 0x0000000000000050 RDI: 0x0000000000000001 RSI: 0x0000000000000001
3135. RSP: 0x00000000995FE638 RIP: 0x00000000F0E85C34 RBP: 0x00000000995FEA49
3136. R8 : 0x00000000995FEBD0 R9 : 0x0000000000000000 R10: 0x000000008B708A18
3137. R11: 0x000000009ABEE240 R12: 0x00000000FFFFFFFF R13: 0x00000000995FEB90
3138. R14: 0x0000000000000000 R15: 0x0000000000000001
3139.  
3140. Memory from 0x00000000F0E85C14
3141. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3142. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3143. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3144. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3145. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3146.  
3147. Stack Trace
3148. 0: ZwWaitForMultipleObjects 0x00000014
3149. 1: WaitForMultipleObjectsEx 0x000000EF
3150. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
3151. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
3152. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
3153. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
3154. 13: DllCanUnloadNowInternal 0x00000BE3
3155. 14: DllCanUnloadNowInternal 0x00000AA3
3156. 15: DllCanUnloadNowInternal 0x000012F5
3157. 16: GetPrivateContextsPerfCounters 0x00007B79
3158. 17: DllCanUnloadNowInternal 0x000019A9
3159. 18: DllCanUnloadNowInternal 0x00001924
3160. 19: DllCanUnloadNowInternal 0x00001862
3161. 20: DllCanUnloadNowInternal 0x000019E3
3162. 21: GetPrivateContextsPerfCounters 0x00007A5B
3163. 22: InstallCustomModule 0x00001C7F
3164. 23: BaseThreadInitThunk 0x00000022
3165. 24: RtlUserThreadStart 0x00000034
3166.  
3167.  
3168.  
3169. ------------------------------
3170. THREAD ID: 0x00003674
3171. got context
3172. Module path: C:\Windows\SYSTEM32\ntdll.dll
3173. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
3174. RAX: 0x000000000000002C RBX: 0x0000000000000001 RCX: 0x000000000000002C
3175. RDX: 0x0000000000000059 RDI: 0x0000000000000001 RSI: 0x0000000000000001
3176. RSP: 0x00000000999FE678 RIP: 0x00000000F0E85C34 RBP: 0x00000000999FEA89
3177. R8 : 0x000000008B3E93C4 R9 : 0x000000000000005C R10: 0x0000000000000000
3178. R11: 0x0000000000000003 R12: 0x00000000FFFFFFFF R13: 0x00000000999FEBD0
3179. R14: 0x0000000000000000 R15: 0x0000000000000001
3180.  
3181. Memory from 0x00000000F0E85C14
3182. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3183. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3184. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3185. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3186. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3187.  
3188. Stack Trace
3189. 0: ZwWaitForMultipleObjects 0x00000014
3190. 1: WaitForMultipleObjectsEx 0x000000EF
3191. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
3192. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
3193. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
3194. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
3195. 13: DllCanUnloadNowInternal 0x00000BE3
3196. 14: DllCanUnloadNowInternal 0x00000AA3
3197. 15: DllCanUnloadNowInternal 0x000012F5
3198. 16: GetPrivateContextsPerfCounters 0x00007B79
3199. 17: DllCanUnloadNowInternal 0x000019A9
3200. 18: DllCanUnloadNowInternal 0x00001924
3201. 19: DllCanUnloadNowInternal 0x00001862
3202. 20: DllCanUnloadNowInternal 0x000019E3
3203. 21: GetPrivateContextsPerfCounters 0x00007A5B
3204. 22: InstallCustomModule 0x00001C7F
3205. 23: BaseThreadInitThunk 0x00000022
3206. 24: RtlUserThreadStart 0x00000034
3207.  
3208.  
3209.  
3210. ------------------------------
3211. THREAD ID: 0x00002654
3212. got context
3213. Module path: C:\Windows\SYSTEM32\ntdll.dll
3214. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
3215. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000B48
3216. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
3217. RSP: 0x0000000099DFE568 RIP: 0x00000000F0E85C34 RBP: 0x0000000099DFE979
3218. R8 : 0x0000000000004598 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
3219. R11: 0x000000008B7A95B0 R12: 0x00000000FFFFFFFF R13: 0x0000000099DFEAC0
3220. R14: 0x0000000000000000 R15: 0x0000000000000001
3221.  
3222. Memory from 0x00000000F0E85C14
3223. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3224. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3225. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3226. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3227. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3228.  
3229. Stack Trace
3230. 0: ZwWaitForMultipleObjects 0x00000014
3231. 1: WaitForMultipleObjectsEx 0x000000EF
3232. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
3233. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
3234. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
3235. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
3236. 13: DllCanUnloadNowInternal 0x00000BE3
3237. 14: DllCanUnloadNowInternal 0x00000AA3
3238. 15: DllCanUnloadNowInternal 0x000012F5
3239. 16: GetPrivateContextsPerfCounters 0x00007B79
3240. 17: DllCanUnloadNowInternal 0x000019A9
3241. 18: DllCanUnloadNowInternal 0x00001924
3242. 19: DllCanUnloadNowInternal 0x00001862
3243. 20: DllCanUnloadNowInternal 0x000019E3
3244. 21: GetPrivateContextsPerfCounters 0x00007A5B
3245. 22: InstallCustomModule 0x00001C7F
3246. 23: BaseThreadInitThunk 0x00000022
3247. 24: RtlUserThreadStart 0x00000034
3248.  
3249.  
3250.  
3251. ------------------------------
3252. THREAD ID: 0x00000598
3253. got context
3254. Module path: C:\Windows\SYSTEM32\ntdll.dll
3255. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
3256. RAX: 0x00000000804AB1A0 RBX: 0x0000000000000001 RCX: 0x000000009852DEE8
3257. RDX: 0x0000000000000020 RDI: 0x0000000000000001 RSI: 0x0000000000000001
3258. RSP: 0x000000009A1FE388 RIP: 0x00000000F0E85C34 RBP: 0x000000009A1FE799
3259. R8 : 0x0000000000000008 R9 : 0x0000000000000000 R10: 0x0000000000000000
3260. R11: 0x000000009A1FDEB0 R12: 0x00000000FFFFFFFF R13: 0x000000009A1FE8E0
3261. R14: 0x0000000000000000 R15: 0x0000000000000001
3262.  
3263. Memory from 0x00000000F0E85C14
3264. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3265. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3266. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3267. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3268. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3269.  
3270. Stack Trace
3271. 0: ZwWaitForMultipleObjects 0x00000014
3272. 1: WaitForMultipleObjectsEx 0x000000EF
3273. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
3274. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
3275. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
3276. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
3277. 13: DllCanUnloadNowInternal 0x00000BE3
3278. 14: DllCanUnloadNowInternal 0x00000AA3
3279. 15: DllCanUnloadNowInternal 0x000012F5
3280. 16: GetPrivateContextsPerfCounters 0x00007B79
3281. 17: DllCanUnloadNowInternal 0x000019A9
3282. 18: DllCanUnloadNowInternal 0x00001924
3283. 19: DllCanUnloadNowInternal 0x00001862
3284. 20: DllCanUnloadNowInternal 0x000019E3
3285. 21: GetPrivateContextsPerfCounters 0x00007A5B
3286. 22: InstallCustomModule 0x00001C7F
3287. 23: BaseThreadInitThunk 0x00000022
3288. 24: RtlUserThreadStart 0x00000034
3289.  
3290.  
3291.  
3292. ------------------------------
3293. THREAD ID: 0x00003244
3294. got context
3295. Module path: C:\Windows\SYSTEM32\ntdll.dll
3296. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
3297. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x00000000000011A0
3298. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
3299. RSP: 0x000000009A5FE068 RIP: 0x00000000F0E85C34 RBP: 0x000000009A5FE479
3300. R8 : 0x0000000000015680 R9 : 0x0000000000000000 R10: 0x00000000E0508528
3301. R11: 0x000000009376EB20 R12: 0x00000000FFFFFFFF R13: 0x000000009A5FE5C0
3302. R14: 0x0000000000000000 R15: 0x0000000000000001
3303.  
3304. Memory from 0x00000000F0E85C14
3305. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3306. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3307. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3308. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3309. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3310.  
3311. Stack Trace
3312. 0: ZwWaitForMultipleObjects 0x00000014
3313. 1: WaitForMultipleObjectsEx 0x000000EF
3314. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
3315. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
3316. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
3317. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
3318. 13: DllCanUnloadNowInternal 0x00000BE3
3319. 14: DllCanUnloadNowInternal 0x00000AA3
3320. 15: DllCanUnloadNowInternal 0x000012F5
3321. 16: GetPrivateContextsPerfCounters 0x00007B79
3322. 17: DllCanUnloadNowInternal 0x000019A9
3323. 18: DllCanUnloadNowInternal 0x00001924
3324. 19: DllCanUnloadNowInternal 0x00001862
3325. 20: DllCanUnloadNowInternal 0x000019E3
3326. 21: GetPrivateContextsPerfCounters 0x00007A5B
3327. 22: InstallCustomModule 0x00001C7F
3328. 23: BaseThreadInitThunk 0x00000022
3329. 24: RtlUserThreadStart 0x00000034
3330.  
3331.  
3332.  
3333. ------------------------------
3334. THREAD ID: 0x00003260
3335. got context
3336. Module path: C:\Windows\SYSTEM32\ntdll.dll
3337. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3338. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000F0E85164
3339. RDX: 0x0000000000000000 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3340. RSP: 0x000000009A9FED18 RIP: 0x00000000F0E85164 RBP: 0x000000009A9FEEA0
3341. R8 : 0x000000009A9FED18 R9 : 0x000000009A9FEEA0 R10: 0x0000000000000000
3342. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
3343. R14: 0x000000009A9FED48 R15: 0x00000000FFFF0000
3344.  
3345. Memory from 0x00000000F0E85144
3346. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3347. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3348. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3349. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3350. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3351.  
3352. Stack Trace
3353. 0: NtWaitForSingleObject 0x00000014
3354. 1: WaitForSingleObjectEx 0x0000008F
3355. 2: DllCanUnloadNowInternal 0x00002202
3356. 3: DllCanUnloadNowInternal 0x0000237F
3357. 4: DllCanUnloadNowInternal 0x000023EA
3358. 5: InstallCustomModule 0x00001C7F
3359. 6: BaseThreadInitThunk 0x00000022
3360. 7: RtlUserThreadStart 0x00000034
3361.  
3362.  
3363.  
3364. ------------------------------
3365. THREAD ID: 0x000033A8
3366. got context
3367. Module path: C:\Windows\SYSTEM32\ntdll.dll
3368. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3369. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000000000000
3370. RDX: 0x000000009ADFF040 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3371. RSP: 0x000000009ADFEF88 RIP: 0x00000000F0E85164 RBP: 0x000000009ADFF110
3372. R8 : 0x0000000091558000 R9 : 0x0000000000000000 R10: 0x0000000000000000
3373. R11: 0x000000009ADFF0B8 R12: 0x0000000000000001 R13: 0x0000000000000000
3374. R14: 0x000000009ADFEFB8 R15: 0x00000000FFFF0000
3375.  
3376. Memory from 0x00000000F0E85144
3377. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3378. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3379. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3380. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3381. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3382.  
3383. Stack Trace
3384. 0: NtWaitForSingleObject 0x00000014
3385. 1: WaitForSingleObjectEx 0x0000008F
3386. 2: DllCanUnloadNowInternal 0x00002202
3387. 3: DllCanUnloadNowInternal 0x0000237F
3388. 4: DllCanUnloadNowInternal 0x000023EA
3389. 5: InstallCustomModule 0x00001C7F
3390. 6: BaseThreadInitThunk 0x00000022
3391. 7: RtlUserThreadStart 0x00000034
3392.  
3393.  
3394.  
3395. ------------------------------
3396. THREAD ID: 0x00001318
3397. got context
3398. Module path: C:\Windows\SYSTEM32\ntdll.dll
3399. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3400. RAX: 0x000000000000050E RBX: 0x0000000000000000 RCX: 0x0000000001029220
3401. RDX: 0x0000000000000000 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3402. RSP: 0x000000009B1FF1C8 RIP: 0x00000000F0E85164 RBP: 0x000000009B1FF350
3403. R8 : 0x0000000000000001 R9 : 0x0000000000000000 R10: 0x000000000001AB26
3404. R11: 0x000000009ADD9740 R12: 0x0000000000000001 R13: 0x0000000000000000
3405. R14: 0x000000009B1FF1F8 R15: 0x00000000FFFF0000
3406.  
3407. Memory from 0x00000000F0E85144
3408. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3409. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3410. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3411. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3412. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3413.  
3414. Stack Trace
3415. 0: NtWaitForSingleObject 0x00000014
3416. 1: WaitForSingleObjectEx 0x0000008F
3417. 2: DllCanUnloadNowInternal 0x00002202
3418. 3: DllCanUnloadNowInternal 0x0000237F
3419. 4: DllCanUnloadNowInternal 0x000023EA
3420. 5: InstallCustomModule 0x00001C7F
3421. 6: BaseThreadInitThunk 0x00000022
3422. 7: RtlUserThreadStart 0x00000034
3423.  
3424.  
3425.  
3426. ------------------------------
3427. THREAD ID: 0x00003608
3428. got context
3429. Module path: C:\Windows\SYSTEM32\ntdll.dll
3430. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3431. RAX: 0x0000000040000024 RBX: 0x0000000000000000 RCX: 0x00000000F0E85764
3432. RDX: 0x0000000000000000 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3433. RSP: 0x000000009B5FF118 RIP: 0x00000000F0E85164 RBP: 0x000000009B5FF2A0
3434. R8 : 0x000000009B5FF1A8 R9 : 0x0000000000000000 R10: 0x0000000000000000
3435. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
3436. R14: 0x000000009B5FF148 R15: 0x00000000FFFF0000
3437.  
3438. Memory from 0x00000000F0E85144
3439. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3440. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3441. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3442. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3443. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3444.  
3445. Stack Trace
3446. 0: NtWaitForSingleObject 0x00000014
3447. 1: WaitForSingleObjectEx 0x0000008F
3448. 2: DllCanUnloadNowInternal 0x00002202
3449. 3: DllCanUnloadNowInternal 0x0000237F
3450. 4: DllCanUnloadNowInternal 0x000023EA
3451. 5: InstallCustomModule 0x00001C7F
3452. 6: BaseThreadInitThunk 0x00000022
3453. 7: RtlUserThreadStart 0x00000034
3454.  
3455.  
3456.  
3457. ------------------------------
3458. THREAD ID: 0x00003314
3459. got context
3460. Module path: C:\Windows\SYSTEM32\ntdll.dll
3461. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3462. RAX: 0x0000000040000024 RBX: 0x0000000000000000 RCX: 0x00000000F0E85764
3463. RDX: 0x0000000000000000 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3464. RSP: 0x000000009B9FEFD8 RIP: 0x00000000F0E85164 RBP: 0x000000009B9FF160
3465. R8 : 0x000000009B9FF068 R9 : 0x0000000000000000 R10: 0x0000000000000000
3466. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
3467. R14: 0x000000009B9FF008 R15: 0x00000000FFFF0000
3468.  
3469. Memory from 0x00000000F0E85144
3470. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3471. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3472. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3473. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3474. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3475.  
3476. Stack Trace
3477. 0: NtWaitForSingleObject 0x00000014
3478. 1: WaitForSingleObjectEx 0x0000008F
3479. 2: DllCanUnloadNowInternal 0x00002202
3480. 3: DllCanUnloadNowInternal 0x0000237F
3481. 4: DllCanUnloadNowInternal 0x000023EA
3482. 5: InstallCustomModule 0x00001C7F
3483. 6: BaseThreadInitThunk 0x00000022
3484. 7: RtlUserThreadStart 0x00000034
3485.  
3486.  
3487.  
3488. ------------------------------
3489. THREAD ID: 0x0000241C
3490. got context
3491. Module path: C:\Windows\SYSTEM32\ntdll.dll
3492. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3493. RAX: 0x000000009ADDA6E0 RBX: 0x0000000000000000 RCX: 0x0000000000000000
3494. RDX: 0x000000000000000A RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3495. RSP: 0x000000009BDFF108 RIP: 0x00000000F0E85164 RBP: 0x000000009BDFF290
3496. R8 : 0x00000000FFFEFFF5 R9 : 0x0000000000000000 R10: 0x0000000000000000
3497. R11: 0x000000009BDFF260 R12: 0x0000000000000001 R13: 0x0000000000000000
3498. R14: 0x000000009BDFF138 R15: 0x00000000FFFF0000
3499.  
3500. Memory from 0x00000000F0E85144
3501. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3502. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3503. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3504. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3505. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3506.  
3507. Stack Trace
3508. 0: NtWaitForSingleObject 0x00000014
3509. 1: WaitForSingleObjectEx 0x0000008F
3510. 2: DllCanUnloadNowInternal 0x00002202
3511. 3: DllCanUnloadNowInternal 0x0000237F
3512. 4: DllCanUnloadNowInternal 0x000023EA
3513. 5: InstallCustomModule 0x00001C7F
3514. 6: BaseThreadInitThunk 0x00000022
3515. 7: RtlUserThreadStart 0x00000034
3516.  
3517.  
3518.  
3519. ------------------------------
3520. THREAD ID: 0x00002658
3521. got context
3522. Module path: C:\Windows\SYSTEM32\ntdll.dll
3523. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3524. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000F0E85764
3525. RDX: 0x0000000000000000 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3526. RSP: 0x000000009C1FED88 RIP: 0x00000000F0E85164 RBP: 0x000000009C1FEF10
3527. R8 : 0x000000009C1FEE18 R9 : 0x0000000000000000 R10: 0x0000000000000000
3528. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
3529. R14: 0x000000009C1FEDB8 R15: 0x00000000FFFF0000
3530.  
3531. Memory from 0x00000000F0E85144
3532. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3533. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3534. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3535. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3536. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3537.  
3538. Stack Trace
3539. 0: NtWaitForSingleObject 0x00000014
3540. 1: WaitForSingleObjectEx 0x0000008F
3541. 2: DllCanUnloadNowInternal 0x00002202
3542. 3: DllCanUnloadNowInternal 0x0000237F
3543. 4: DllCanUnloadNowInternal 0x000023EA
3544. 5: InstallCustomModule 0x00001C7F
3545. 6: BaseThreadInitThunk 0x00000022
3546. 7: RtlUserThreadStart 0x00000034
3547.  
3548.  
3549.  
3550. ------------------------------
3551. THREAD ID: 0x00000580
3552. got context
3553. Module path: C:\Windows\SYSTEM32\ntdll.dll
3554. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3555. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000DCA92838
3556. RDX: 0x000000009C5FE490 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3557. RSP: 0x000000009C5FEA48 RIP: 0x00000000F0E85164 RBP: 0x000000009C5FEBD0
3558. R8 : 0x0000000000000000 R9 : 0x000000009B7F59E0 R10: 0x0000000000000000
3559. R11: 0x00000000DCAC2290 R12: 0x0000000000000001 R13: 0x0000000000000000
3560. R14: 0x000000009C5FEA78 R15: 0x00000000FFFF0000
3561.  
3562. Memory from 0x00000000F0E85144
3563. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3564. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3565. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3566. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3567. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3568.  
3569. Stack Trace
3570. 0: NtWaitForSingleObject 0x00000014
3571. 1: WaitForSingleObjectEx 0x0000008F
3572. 2: DllCanUnloadNowInternal 0x00002202
3573. 3: DllCanUnloadNowInternal 0x0000237F
3574. 4: DllCanUnloadNowInternal 0x000023EA
3575. 5: InstallCustomModule 0x00001C7F
3576. 6: BaseThreadInitThunk 0x00000022
3577. 7: RtlUserThreadStart 0x00000034
3578.  
3579.  
3580.  
3581. ------------------------------
3582. THREAD ID: 0x0000374C
3583. got context
3584. Module path: C:\Windows\SYSTEM32\ntdll.dll
3585. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3586. RAX: 0x0000000000000002 RBX: 0x0000000000000000 RCX: 0x0000000000000000
3587. RDX: 0x0000000000000000 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3588. RSP: 0x000000009C9FE898 RIP: 0x00000000F0E85164 RBP: 0x000000009C9FEA20
3589. R8 : 0x000000009C9FE928 R9 : 0x0000000000000000 R10: 0x0000000000000000
3590. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
3591. R14: 0x000000009C9FE8C8 R15: 0x00000000FFFF0000
3592.  
3593. Memory from 0x00000000F0E85144
3594. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3595. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3596. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3597. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3598. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3599.  
3600. Stack Trace
3601. 0: NtWaitForSingleObject 0x00000014
3602. 1: WaitForSingleObjectEx 0x0000008F
3603. 2: DllCanUnloadNowInternal 0x00002202
3604. 3: DllCanUnloadNowInternal 0x0000237F
3605. 4: DllCanUnloadNowInternal 0x000023EA
3606. 5: InstallCustomModule 0x00001C7F
3607. 6: BaseThreadInitThunk 0x00000022
3608. 7: RtlUserThreadStart 0x00000034
3609.  
3610.  
3611.  
3612. ------------------------------
3613. THREAD ID: 0x00002520
3614. got context
3615. Module path: C:\Windows\SYSTEM32\ntdll.dll
3616. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3617. RAX: 0x00000000E0510970 RBX: 0x0000000000000000 RCX: 0x0000000000000000
3618. RDX: 0x0000000000000000 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3619. RSP: 0x000000009CDFEB08 RIP: 0x00000000F0E85164 RBP: 0x000000009CDFEC90
3620. R8 : 0x00000000E02D9C60 R9 : 0x0000000000000000 R10: 0x0000000000000000
3621. R11: 0x000000009CDFEC60 R12: 0x0000000000000001 R13: 0x0000000000000000
3622. R14: 0x000000009CDFEB38 R15: 0x00000000FFFF0000
3623.  
3624. Memory from 0x00000000F0E85144
3625. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3626. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3627. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3628. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3629. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3630.  
3631. Stack Trace
3632. 0: NtWaitForSingleObject 0x00000014
3633. 1: WaitForSingleObjectEx 0x0000008F
3634. 2: DllCanUnloadNowInternal 0x00002202
3635. 3: DllCanUnloadNowInternal 0x0000237F
3636. 4: DllCanUnloadNowInternal 0x000023EA
3637. 5: InstallCustomModule 0x00001C7F
3638. 6: BaseThreadInitThunk 0x00000022
3639. 7: RtlUserThreadStart 0x00000034
3640.  
3641.  
3642.  
3643. ------------------------------
3644. THREAD ID: 0x00001424
3645. got context
3646. Module path: C:\Windows\SYSTEM32\ntdll.dll
3647. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3648. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000F0E85164
3649. RDX: 0x0000000000000000 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3650. RSP: 0x000000009D1FE7D8 RIP: 0x00000000F0E85164 RBP: 0x000000009D1FE960
3651. R8 : 0x000000009D1FE7D8 R9 : 0x000000009D1FE960 R10: 0x0000000000000000
3652. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
3653. R14: 0x000000009D1FE808 R15: 0x00000000FFFF0000
3654.  
3655. Memory from 0x00000000F0E85144
3656. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3657. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3658. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3659. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3660. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3661.  
3662. Stack Trace
3663. 0: NtWaitForSingleObject 0x00000014
3664. 1: WaitForSingleObjectEx 0x0000008F
3665. 2: DllCanUnloadNowInternal 0x00002202
3666. 3: DllCanUnloadNowInternal 0x0000237F
3667. 4: DllCanUnloadNowInternal 0x000023EA
3668. 5: InstallCustomModule 0x00001C7F
3669. 6: BaseThreadInitThunk 0x00000022
3670. 7: RtlUserThreadStart 0x00000034
3671.  
3672.  
3673.  
3674. ------------------------------
3675. THREAD ID: 0x000035F8
3676. got context
3677. Module path: C:\Windows\SYSTEM32\ntdll.dll
3678. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3679. RAX: 0x000000004274BFA0 RBX: 0x0000000000000000 RCX: 0x0000000057904279
3680. RDX: 0x000000008B7DEF20 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3681. RSP: 0x000000009D9FEB28 RIP: 0x00000000F0E85164 RBP: 0x000000009D9FECB0
3682. R8 : 0x0000000000000000 R9 : 0x000000009B7FA030 R10: 0x0000000000000000
3683. R11: 0x00000000DCAC2290 R12: 0x0000000000000001 R13: 0x0000000000000000
3684. R14: 0x000000009D9FEB58 R15: 0x00000000FFFF0000
3685.  
3686. Memory from 0x00000000F0E85144
3687. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3688. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3689. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3690. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3691. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3692.  
3693. Stack Trace
3694. 0: NtWaitForSingleObject 0x00000014
3695. 1: WaitForSingleObjectEx 0x0000008F
3696. 2: DllCanUnloadNowInternal 0x00002202
3697. 3: DllCanUnloadNowInternal 0x0000237F
3698. 4: DllCanUnloadNowInternal 0x000023EA
3699. 5: InstallCustomModule 0x00001C7F
3700. 6: BaseThreadInitThunk 0x00000022
3701. 7: RtlUserThreadStart 0x00000034
3702.  
3703.  
3704.  
3705. ------------------------------
3706. THREAD ID: 0x00001384
3707. got context
3708. Module path: C:\Windows\SYSTEM32\ntdll.dll
3709. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3710. RAX: 0x0000000000000002 RBX: 0x0000000000000000 RCX: 0x0000000000000004
3711. RDX: 0x0000000000000000 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3712. RSP: 0x000000009D5FE808 RIP: 0x00000000F0E85164 RBP: 0x000000009D5FE990
3713. R8 : 0x000000009D5FE898 R9 : 0x0000000000000000 R10: 0x0000000000000000
3714. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
3715. R14: 0x000000009D5FE838 R15: 0x00000000FFFF0000
3716.  
3717. Memory from 0x00000000F0E85144
3718. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3719. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3720. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3721. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3722. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3723.  
3724. Stack Trace
3725. 0: NtWaitForSingleObject 0x00000014
3726. 1: WaitForSingleObjectEx 0x0000008F
3727. 2: DllCanUnloadNowInternal 0x00002202
3728. 3: DllCanUnloadNowInternal 0x0000237F
3729. 4: DllCanUnloadNowInternal 0x000023EA
3730. 5: InstallCustomModule 0x00001C7F
3731. 6: BaseThreadInitThunk 0x00000022
3732. 7: RtlUserThreadStart 0x00000034
3733.  
3734.  
3735.  
3736. ------------------------------
3737. THREAD ID: 0x000038AC
3738. got context
3739. Module path: C:\Windows\SYSTEM32\ntdll.dll
3740. PC: 0x0000000070B35764 ModuleOffset: 0x00000000F0E85764
3741. RAX: 0x0000000091570000 RBX: 0x0000000000000001 RCX: 0x000000009DDFDEC0
3742. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x000000000000003E
3743. RSP: 0x000000009DDFDE88 RIP: 0x00000000F0E85764 RBP: 0x000000000000003E
3744. R8 : 0x000000009DDFDE88 R9 : 0x000000000000003E R10: 0x0000000000000000
3745. R11: 0x0000000000000246 R12: 0x0000000000000000 R13: 0x000000009DDFE4A0
3746. R14: 0x000000009DDFDEB0 R15: 0x0000000000000000
3747.  
3748. Memory from 0x00000000F0E85744
3749. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3750. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3751. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3752. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3753. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3754.  
3755. Stack Trace
3756. 0: ZwDelayExecution 0x00000014
3757. 1: SleepEx 0x000000A7
3758. 2: LogHelp_LogAssert 0x00000B13
3759. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
3760. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
3761. 12: DllCanUnloadNowInternal 0x00000BE3
3762. 13: DllCanUnloadNowInternal 0x00000AA3
3763. 14: DllCanUnloadNowInternal 0x000012F5
3764. 15: GetPrivateContextsPerfCounters 0x00007B79
3765. 16: DllCanUnloadNowInternal 0x000019A9
3766. 17: DllCanUnloadNowInternal 0x00001924
3767. 18: DllCanUnloadNowInternal 0x00001862
3768. 19: DllCanUnloadNowInternal 0x000019E3
3769. 20: GetPrivateContextsPerfCounters 0x00007A5B
3770. 21: InstallCustomModule 0x00001C7F
3771. 22: BaseThreadInitThunk 0x00000022
3772. 23: RtlUserThreadStart 0x00000034
3773.  
3774.  
3775.  
3776. ------------------------------
3777. THREAD ID: 0x00001F40
3778. got context
3779. Module path: C:\Windows\SYSTEM32\ntdll.dll
3780. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3781. RAX: 0x0000000000000001 RBX: 0x0000000000000000 RCX: 0x000000009B851828
3782. RDX: 0x00000000001F0002 RDI: 0x0000000000000160 RSI: 0x00000000FFFFFFFF
3783. RSP: 0x000000009132E4E8 RIP: 0x00000000F0E85164 RBP: 0x000000009B7F88C0
3784. R8 : 0x0000000080411680 R9 : 0x0000000000000000 R10: 0x0000000000000000
3785. R11: 0x0000000000000064 R12: 0x0000000000000000 R13: 0x0000000080000000
3786. R14: 0x0000000000000000 R15: 0x0000000000000000
3787.  
3788. Memory from 0x00000000F0E85144
3789. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3790. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3791. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3792. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3793. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3794.  
3795. Stack Trace
3796. 0: NtWaitForSingleObject 0x00000014
3797. 1: WaitForSingleObjectEx 0x0000008F
3798. 2: GetMetaDataPublicInterfaceFromInternal 0x00008D67
3799. 3: GetMetaDataPublicInterfaceFromInternal 0x00008D1F
3800. 4: GetMetaDataPublicInterfaceFromInternal 0x00008CE0
3801. 5: GetPrivateContextsPerfCounters 0x00000E3C
3802. 6: InstallCustomModule 0x00001C7F
3803. 7: BaseThreadInitThunk 0x00000022
3804. 8: RtlUserThreadStart 0x00000034
3805.  
3806.  
3807.  
3808. ------------------------------
3809. THREAD ID: 0x000019E8
3810. got context
3811. Module path: C:\Windows\SYSTEM32\ntdll.dll
3812. PC: 0x0000000070B387F4 ModuleOffset: 0x00000000F0E887F4
3813. RAX: 0x0000000000000000 RBX: 0x000000008049B330 RCX: 0x00000000F0E0B350
3814. RDX: 0x000000009ADE7120 RDI: 0x0000000000000000 RSI: 0x0000000000000010
3815. RSP: 0x000000009E1FF378 RIP: 0x00000000F0E887F4 RBP: 0x0000000000000000
3816. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
3817. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x00000000F0E0E130
3818. R14: 0x00000000F0DE9AF0 R15: 0x000000009ADE7120
3819.  
3820. Memory from 0x00000000F0E887D4
3821. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3822. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3823. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3824. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3825. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3826.  
3827. Stack Trace
3828. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
3829. 1: RtlAcquireSRWLockShared 0x00003E28
3830. 2: BaseThreadInitThunk 0x00000022
3831. 3: RtlUserThreadStart 0x00000034
3832.  
3833.  
3834.  
3835. ------------------------------
3836. THREAD ID: 0x0000246C
3837. got context
3838. Module path: C:\Windows\system32\USER32.dll
3839. PC: 0x00000000700D21D4 ModuleOffset: 0x00000000F04221D4
3840. RAX: 0x0000000081EE0070 RBX: 0x000000009E9FF790 RCX: 0x0000000081EF0000
3841. RDX: 0x0000000000000000 RDI: 0x00000000919FE020 RSI: 0x0000000000000000
3842. RSP: 0x000000009E9FF678 RIP: 0x00000000F04221D4 RBP: 0x000000009A9580C0
3843. R8 : 0x000000009E9FF4A8 R9 : 0x000000009A9580C0 R10: 0x0000000000000000
3844. R11: 0x0000000000000246 R12: 0x00000000000003C0 R13: 0x0000000089680000
3845. R14: 0x000000009E9FF758 R15: 0x000000000000AC44
3846.  
3847. Memory from 0x00000000F04221B4
3848. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3849. 09 10 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3850. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3851. 0A 10 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3852. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3853.  
3854. Stack Trace
3855. 0: InvalidateRect 0x00000054
3856. 1: GetMessageA 0x00000044
3857. 2: alcMakeContextCurrent 0x0000D48A
3858. 3: BaseThreadInitThunk 0x00000022
3859. 4: RtlUserThreadStart 0x00000034
3860.  
3861.  
3862.  
3863. ------------------------------
3864. THREAD ID: 0x00000938
3865. got context
3866. Module path: C:\Windows\SYSTEM32\ntdll.dll
3867. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3868. RAX: 0x000000009F5FF648 RBX: 0x0000000000000000 RCX: 0x0000000000000000
3869. RDX: 0x0000000000000000 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3870. RSP: 0x000000009F5FF4E8 RIP: 0x00000000F0E85164 RBP: 0x000000009F5FF670
3871. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
3872. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
3873. R14: 0x000000009F5FF518 R15: 0x00000000FFFF0000
3874.  
3875. Memory from 0x00000000F0E85144
3876. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3877. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3878. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3879. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3880. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3881.  
3882. Stack Trace
3883. 0: NtWaitForSingleObject 0x00000014
3884. 1: WaitForSingleObjectEx 0x0000008F
3885. 2: DllCanUnloadNowInternal 0x00002202
3886. 3: DllCanUnloadNowInternal 0x0000237F
3887. 4: DllCanUnloadNowInternal 0x000023EA
3888. 5: InstallCustomModule 0x00001C7F
3889. 6: BaseThreadInitThunk 0x00000022
3890. 7: RtlUserThreadStart 0x00000034
3891.  
3892.  
3893.  
3894. ------------------------------
3895. THREAD ID: 0x000012F4
3896. got context
3897. Module path: C:\Windows\SYSTEM32\ntdll.dll
3898. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3899. RAX: 0x000000004274BFA0 RBX: 0x0000000000000000 RCX: 0x0000000057905D7B
3900. RDX: 0x000000008B64AD48 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3901. RSP: 0x000000009F9FF908 RIP: 0x00000000F0E85164 RBP: 0x000000009F9FFA90
3902. R8 : 0x0000000000000000 R9 : 0x000000009B7F7150 R10: 0x0000000000000000
3903. R11: 0x00000000DCAC2290 R12: 0x0000000000000001 R13: 0x0000000000000000
3904. R14: 0x000000009F9FF938 R15: 0x00000000FFFF0000
3905.  
3906. Memory from 0x00000000F0E85144
3907. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3908. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3909. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3910. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3911. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3912.  
3913. Stack Trace
3914. 0: NtWaitForSingleObject 0x00000014
3915. 1: WaitForSingleObjectEx 0x0000008F
3916. 2: DllCanUnloadNowInternal 0x00002202
3917. 3: DllCanUnloadNowInternal 0x0000237F
3918. 4: DllCanUnloadNowInternal 0x000023EA
3919. 5: InstallCustomModule 0x00001C7F
3920. 6: BaseThreadInitThunk 0x00000022
3921. 7: RtlUserThreadStart 0x00000034
3922.  
3923.  
3924.  
3925. ------------------------------
3926. THREAD ID: 0x00002750
3927. got context
3928. Module path: C:\Windows\SYSTEM32\ntdll.dll
3929. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3930. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000F0E85764
3931. RDX: 0x0000000000000000 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3932. RSP: 0x000000009FDFF518 RIP: 0x00000000F0E85164 RBP: 0x000000009FDFF6A0
3933. R8 : 0x000000009FDFF5A8 R9 : 0x0000000000000000 R10: 0x0000000000000000
3934. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
3935. R14: 0x000000009FDFF548 R15: 0x00000000FFFF0000
3936.  
3937. Memory from 0x00000000F0E85144
3938. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3939. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3940. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3941. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3942. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3943.  
3944. Stack Trace
3945. 0: NtWaitForSingleObject 0x00000014
3946. 1: WaitForSingleObjectEx 0x0000008F
3947. 2: DllCanUnloadNowInternal 0x00002202
3948. 3: DllCanUnloadNowInternal 0x0000237F
3949. 4: DllCanUnloadNowInternal 0x000023EA
3950. 5: InstallCustomModule 0x00001C7F
3951. 6: BaseThreadInitThunk 0x00000022
3952. 7: RtlUserThreadStart 0x00000034
3953.  
3954.  
3955.  
3956. ------------------------------
3957. THREAD ID: 0x000019A8
3958. got context
3959. Module path: C:\Windows\SYSTEM32\ntdll.dll
3960. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3961. RAX: 0x0000000040000024 RBX: 0x0000000000000000 RCX: 0x00000000F0E85764
3962. RDX: 0x0000000000000000 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3963. RSP: 0x00000000A01FFB48 RIP: 0x00000000F0E85164 RBP: 0x00000000A01FFCD0
3964. R8 : 0x00000000A01FFBD8 R9 : 0x0000000000000000 R10: 0x0000000000000000
3965. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
3966. R14: 0x00000000A01FFB78 R15: 0x00000000FFFF0000
3967.  
3968. Memory from 0x00000000F0E85144
3969. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3970. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3971. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3972. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
3973. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
3974.  
3975. Stack Trace
3976. 0: NtWaitForSingleObject 0x00000014
3977. 1: WaitForSingleObjectEx 0x0000008F
3978. 2: DllCanUnloadNowInternal 0x00002202
3979. 3: DllCanUnloadNowInternal 0x0000237F
3980. 4: DllCanUnloadNowInternal 0x000023EA
3981. 5: InstallCustomModule 0x00001C7F
3982. 6: BaseThreadInitThunk 0x00000022
3983. 7: RtlUserThreadStart 0x00000034
3984.  
3985.  
3986.  
3987. ------------------------------
3988. THREAD ID: 0x00003304
3989. got context
3990. Module path: C:\Windows\SYSTEM32\ntdll.dll
3991. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
3992. RAX: 0x00000000A05FF898 RBX: 0x0000000000000000 RCX: 0x0000000000000000
3993. RDX: 0x0000000000000000 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
3994. RSP: 0x00000000A05FF738 RIP: 0x00000000F0E85164 RBP: 0x00000000A05FF8C0
3995. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
3996. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
3997. R14: 0x00000000A05FF768 R15: 0x00000000FFFF0000
3998.  
3999. Memory from 0x00000000F0E85144
4000. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4001. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4002. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4003. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4004. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4005.  
4006. Stack Trace
4007. 0: NtWaitForSingleObject 0x00000014
4008. 1: WaitForSingleObjectEx 0x0000008F
4009. 2: DllCanUnloadNowInternal 0x00002202
4010. 3: DllCanUnloadNowInternal 0x0000237F
4011. 4: DllCanUnloadNowInternal 0x000023EA
4012. 5: InstallCustomModule 0x00001C7F
4013. 6: BaseThreadInitThunk 0x00000022
4014. 7: RtlUserThreadStart 0x00000034
4015.  
4016.  
4017.  
4018. ------------------------------
4019. THREAD ID: 0x00003108
4020. got context
4021. Module path: C:\Windows\SYSTEM32\ntdll.dll
4022. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
4023. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000082EED118
4024. RDX: 0x0000000000000014 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
4025. RSP: 0x00000000A09FF3C8 RIP: 0x00000000F0E85164 RBP: 0x00000000A09FF550
4026. R8 : 0x00000000DD0077E0 R9 : 0x0000000000000000 R10: 0x0000000000000001
4027. R11: 0x000000000064BAA7 R12: 0x0000000000000001 R13: 0x0000000000000000
4028. R14: 0x00000000A09FF3F8 R15: 0x00000000FFFF0000
4029.  
4030. Memory from 0x00000000F0E85144
4031. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4032. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4033. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4034. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4035. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4036.  
4037. Stack Trace
4038. 0: NtWaitForSingleObject 0x00000014
4039. 1: WaitForSingleObjectEx 0x0000008F
4040. 2: DllCanUnloadNowInternal 0x00002202
4041. 3: DllCanUnloadNowInternal 0x0000237F
4042. 4: DllCanUnloadNowInternal 0x000023EA
4043. 5: InstallCustomModule 0x00001C7F
4044. 6: BaseThreadInitThunk 0x00000022
4045. 7: RtlUserThreadStart 0x00000034
4046.  
4047.  
4048.  
4049. ------------------------------
4050. THREAD ID: 0x00001BE8
4051. got context
4052. Module path: C:\Windows\SYSTEM32\ntdll.dll
4053. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
4054. RAX: 0x000000004274BFA0 RBX: 0x0000000000000000 RCX: 0x0000000057905DC0
4055. RDX: 0x000000008B6B2FA0 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
4056. RSP: 0x00000000A0DFF228 RIP: 0x00000000F0E85164 RBP: 0x00000000A0DFF3B0
4057. R8 : 0x0000000000000000 R9 : 0x000000009B7FAFD0 R10: 0x0000000000000000
4058. R11: 0x00000000DCAC2290 R12: 0x0000000000000001 R13: 0x0000000000000000
4059. R14: 0x00000000A0DFF258 R15: 0x00000000FFFF0000
4060.  
4061. Memory from 0x00000000F0E85144
4062. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4063. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4064. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4065. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4066. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4067.  
4068. Stack Trace
4069. 0: NtWaitForSingleObject 0x00000014
4070. 1: WaitForSingleObjectEx 0x0000008F
4071. 2: DllCanUnloadNowInternal 0x00002202
4072. 3: DllCanUnloadNowInternal 0x0000237F
4073. 4: DllCanUnloadNowInternal 0x000023EA
4074. 5: InstallCustomModule 0x00001C7F
4075. 6: BaseThreadInitThunk 0x00000022
4076. 7: RtlUserThreadStart 0x00000034
4077.  
4078.  
4079.  
4080. ------------------------------
4081. THREAD ID: 0x00002930
4082. got context
4083. Module path: C:\Windows\SYSTEM32\ntdll.dll
4084. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
4085. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000F0E85764
4086. RDX: 0x0000000000000000 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
4087. RSP: 0x00000000A11FF1F8 RIP: 0x00000000F0E85164 RBP: 0x00000000A11FF380
4088. R8 : 0x00000000A11FF288 R9 : 0x0000000000000000 R10: 0x0000000000000000
4089. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
4090. R14: 0x00000000A11FF228 R15: 0x00000000FFFF0000
4091.  
4092. Memory from 0x00000000F0E85144
4093. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4094. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4095. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4096. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4097. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4098.  
4099. Stack Trace
4100. 0: NtWaitForSingleObject 0x00000014
4101. 1: WaitForSingleObjectEx 0x0000008F
4102. 2: DllCanUnloadNowInternal 0x00002202
4103. 3: DllCanUnloadNowInternal 0x0000237F
4104. 4: DllCanUnloadNowInternal 0x000023EA
4105. 5: InstallCustomModule 0x00001C7F
4106. 6: BaseThreadInitThunk 0x00000022
4107. 7: RtlUserThreadStart 0x00000034
4108.  
4109.  
4110.  
4111. ------------------------------
4112. THREAD ID: 0x00002630
4113. got context
4114. Module path: C:\Windows\SYSTEM32\ntdll.dll
4115. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
4116. RAX: 0x0000000000000000 RBX: 0x0000000000000003 RCX: 0x0000000065ED9BF0
4117. RDX: 0x000000009B9DECC0 RDI: 0x0000000000000003 RSI: 0x0000000000000000
4118. RSP: 0x00000000A15FF7C8 RIP: 0x00000000F0E85C34 RBP: 0x0000000000000001
4119. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
4120. R11: 0x0000000000000000 R12: 0x00000000FFFFFFFF R13: 0x00000000A15FFB30
4121. R14: 0x0000000000000000 R15: 0x0000000000000000
4122.  
4123. Memory from 0x00000000F0E85C14
4124. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4125. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4126. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4127. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4128. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4129.  
4130. Stack Trace
4131. 0: ZwWaitForMultipleObjects 0x00000014
4132. 1: WaitForMultipleObjectsEx 0x000000EF
4133. 2: WaitForMultipleObjects 0x0000000E
4134. 3: DrvPresentBuffers 0x00023EC6
4135. 4: BaseThreadInitThunk 0x00000022
4136. 5: RtlUserThreadStart 0x00000034
4137.  
4138.  
4139.  
4140. ------------------------------
4141. THREAD ID: 0x00001714
4142. got context
4143. Module path: C:\Windows\SYSTEM32\ntdll.dll
4144. PC: 0x0000000070B35764 ModuleOffset: 0x00000000F0E85764
4145. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000F0E85764
4146. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x0000000000000064
4147. RSP: 0x00000000A19FF518 RIP: 0x00000000F0E85764 RBP: 0x00000000A19FF6C0
4148. R8 : 0x00000000A19FF518 R9 : 0x00000000A19FF6C0 R10: 0x0000000000000000
4149. R11: 0x0000000000000246 R12: 0x00000000000024E0 R13: 0x0000000000000000
4150. R14: 0x00000000A19FF540 R15: 0x0000000000000000
4151.  
4152. Memory from 0x00000000F0E85744
4153. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4154. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4155. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4156. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4157. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4158.  
4159. Stack Trace
4160. 0: ZwDelayExecution 0x00000014
4161. 1: SleepEx 0x000000A7
4162. 2: DllMain 0x0001DEB5
4163. 3: BaseThreadInitThunk 0x00000022
4164. 4: RtlUserThreadStart 0x00000034
4165.  
4166.  
4167.  
4168. ------------------------------
4169. THREAD ID: 0x000007D0
4170. got context
4171. Module path: C:\Windows\SYSTEM32\ntdll.dll
4172. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
4173. RAX: 0x0000000000000014 RBX: 0x0000000000000007 RCX: 0x00000000499AE51E
4174. RDX: 0x00000000B4BE51E0 RDI: 0x0000000000000007 RSI: 0x0000000000000000
4175. RSP: 0x00000000A1DFF4E8 RIP: 0x00000000F0E85C34 RBP: 0x0000000000000DE4
4176. R8 : 0x00000000B4BE6860 R9 : 0x00000000BA4989A7 R10: 0x0000000080410000
4177. R11: 0x00000000B0A41170 R12: 0x00000000FFFFFFFF R13: 0x00000000A1DFF820
4178. R14: 0x0000000000000000 R15: 0x0000000000000000
4179.  
4180. Memory from 0x00000000F0E85C14
4181. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4182. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4183. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4184. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4185. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4186.  
4187. Stack Trace
4188. 0: ZwWaitForMultipleObjects 0x00000014
4189. 1: WaitForMultipleObjectsEx 0x000000EF
4190. 2: MsgWaitForMultipleObjects 0x000001E9
4191. 3: MsgWaitForMultipleObjects 0x0000006B
4192. 4: DrvValidateVersion 0x0000383D
4193. 5: BaseThreadInitThunk 0x00000022
4194. 6: RtlUserThreadStart 0x00000034
4195.  
4196.  
4197.  
4198. ------------------------------
4199. THREAD ID: 0x00003BF4
4200. got context
4201. Module path: C:\Windows\SYSTEM32\ntdll.dll
4202. PC: 0x0000000070B387F4 ModuleOffset: 0x00000000F0E887F4
4203. RAX: 0x00000000000015A0 RBX: 0x000000008049B6D0 RCX: 0x0000000000000000
4204. RDX: 0x00000000000024E0 RDI: 0x000000008049BA50 RSI: 0x0000000000000010
4205. RSP: 0x00000000A21FF408 RIP: 0x00000000F0E887F4 RBP: 0x0000000000000000
4206. R8 : 0x00000000A2AFF960 R9 : 0x00000000000000BF R10: 0x0000000000000000
4207. R11: 0x00000000A21FF0F0 R12: 0x0000000000000000 R13: 0x00000000F0E0E130
4208. R14: 0x00000000F0DE9AF0 R15: 0x0000000080493FE0
4209.  
4210. Memory from 0x00000000F0E887D4
4211. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4212. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4213. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4214. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4215. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4216.  
4217. Stack Trace
4218. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
4219. 1: RtlAcquireSRWLockShared 0x00003E28
4220. 2: BaseThreadInitThunk 0x00000022
4221. 3: RtlUserThreadStart 0x00000034
4222.  
4223.  
4224.  
4225. ------------------------------
4226. THREAD ID: 0x00001FE8
4227. Did NOT get context (Error: 0x00000000)
4228.  
4229.  
4230.  
4231. ------------------------------
4232. THREAD ID: 0x000037C4
4233. got context
4234. Module path: C:\Windows\SYSTEM32\ntdll.dll
4235. PC: 0x0000000070B35764 ModuleOffset: 0x00000000F0E85764
4236. RAX: 0x00000000000000C0 RBX: 0x0000000000000001 RCX: 0x0000000000000000
4237. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x00000000FFFFFFFF
4238. RSP: 0x000000009136FA48 RIP: 0x00000000F0E85764 RBP: 0x0000000000000000
4239. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
4240. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x0000000000000000
4241. R14: 0x000000009136FA70 R15: 0x0000000000000000
4242.  
4243. Memory from 0x00000000F0E85744
4244. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4245. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4246. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4247. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4248. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4249.  
4250. Stack Trace
4251. 0: ZwDelayExecution 0x00000014
4252. 1: SleepEx 0x000000A7
4253. 2: DllCanUnloadNowInternal 0x00003FAD
4254. 3: DllCanUnloadNowInternal 0x00003F5F
4255. 4: BaseThreadInitThunk 0x00000022
4256. 5: RtlUserThreadStart 0x00000034
4257.  
4258.  
4259.  
4260. ------------------------------
4261. THREAD ID: 0x00003ADC
4262. got context
4263. Module path: C:\Windows\SYSTEM32\ntdll.dll
4264. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
4265. RAX: 0x0000000000000000 RBX: 0x0000000000000002 RCX: 0x0000000000001FE0
4266. RDX: 0x0000000000000000 RDI: 0x0000000000000002 RSI: 0x0000000000000001
4267. RSP: 0x00000000A29FE1E8 RIP: 0x00000000F0E85C34 RBP: 0x00000000A29FE5F9
4268. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
4269. R11: 0x000000008436EFE0 R12: 0x0000000000017DE5 R13: 0x00000000A29FE720
4270. R14: 0x00000000A29FE240 R15: 0x0000000000000000
4271.  
4272. Memory from 0x00000000F0E85C14
4273. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4274. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4275. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4276. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4277. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4278.  
4279. Stack Trace
4280. 0: ZwWaitForMultipleObjects 0x00000014
4281. 1: WaitForMultipleObjectsEx 0x000000EF
4282. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
4283. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
4284. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
4285. 5: TranslateSecurityAttributes 0x001ABCCF
4286. 12: DllCanUnloadNowInternal 0x00000BE3
4287. 13: DllCanUnloadNowInternal 0x00000AA3
4288. 14: DllCanUnloadNowInternal 0x000012F5
4289. 15: GetPrivateContextsPerfCounters 0x00007B79
4290. 16: DllCanUnloadNowInternal 0x000019A9
4291. 17: DllCanUnloadNowInternal 0x00001924
4292. 18: DllCanUnloadNowInternal 0x00001862
4293. 19: DllCanUnloadNowInternal 0x000019E3
4294. 20: GetPrivateContextsPerfCounters 0x00007A5B
4295. 21: InstallCustomModule 0x00001C7F
4296. 22: BaseThreadInitThunk 0x00000022
4297. 23: RtlUserThreadStart 0x00000034
4298.  
4299.  
4300.  
4301. ------------------------------
4302. THREAD ID: 0x00002158
4303. got context
4304. Module path: C:\Windows\SYSTEM32\ntdll.dll
4305. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
4306. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000F0E85764
4307. RDX: 0x0000000000000000 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
4308. RSP: 0x00000000A2DFF078 RIP: 0x00000000F0E85164 RBP: 0x00000000A2DFF200
4309. R8 : 0x00000000A2DFF108 R9 : 0x0000000000000000 R10: 0x0000000000000000
4310. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
4311. R14: 0x00000000A2DFF0A8 R15: 0x00000000FFFF0000
4312.  
4313. Memory from 0x00000000F0E85144
4314. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4315. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4316. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4317. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4318. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4319.  
4320. Stack Trace
4321. 0: NtWaitForSingleObject 0x00000014
4322. 1: WaitForSingleObjectEx 0x0000008F
4323. 2: DllCanUnloadNowInternal 0x00002202
4324. 3: DllCanUnloadNowInternal 0x0000237F
4325. 4: DllCanUnloadNowInternal 0x000023EA
4326. 5: InstallCustomModule 0x00001C7F
4327. 6: BaseThreadInitThunk 0x00000022
4328. 7: RtlUserThreadStart 0x00000034
4329.  
4330.  
4331.  
4332. ------------------------------
4333. THREAD ID: 0x00003410
4334. got context
4335. Module path: C:\Windows\SYSTEM32\ntdll.dll
4336. PC: 0x0000000070B35204 ModuleOffset: 0x00000000F0E85204
4337. RAX: 0x0000000000000000 RBX: 0x00000000A35FF5B8 RCX: 0x0000000000000FE0
4338. RDX: 0x0000000000000000 RDI: 0x00000000A35FF628 RSI: 0x0000000080010000
4339. RSP: 0x00000000A35FF508 RIP: 0x00000000F0E85204 RBP: 0x00000000A35FF5D0
4340. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
4341. R11: 0x00000000850B7FE0 R12: 0x0000000000000000 R13: 0x0000000000000000
4342. R14: 0x0000000000000000 R15: 0x0000000000000000
4343.  
4344. Memory from 0x00000000F0E851E4
4345. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4346. 09 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4347. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4348. 0A 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4349. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4350.  
4351. Stack Trace
4352. 0: NtRemoveIoCompletion 0x00000014
4353. 1: GetQueuedCompletionStatus 0x00000052
4354. 2: GetMetaDataPublicInterfaceFromInternal 0x00029FCC
4355. 3: InstallCustomModule 0x00001C7F
4356. 4: BaseThreadInitThunk 0x00000022
4357. 5: RtlUserThreadStart 0x00000034
4358.  
4359.  
4360.  
4361. ------------------------------
4362. THREAD ID: 0x00002A88
4363. got context
4364. Module path: C:\Windows\SYSTEM32\ntdll.dll
4365. PC: 0x0000000070B35764 ModuleOffset: 0x00000000F0E85764
4366. RAX: 0x000000008B51FA80 RBX: 0x0000000000000001 RCX: 0x000000008B53F0E0
4367. RDX: 0x0000000082134628 RDI: 0x0000000000000000 RSI: 0x000000000000003E
4368. RSP: 0x00000000A41FE918 RIP: 0x00000000F0E85764 RBP: 0x000000000000003E
4369. R8 : 0x000000000000003E R9 : 0x000000000000003E R10: 0x000000008B53FF28
4370. R11: 0x000000009E745540 R12: 0x0000000000000000 R13: 0x00000000A41FEF30
4371. R14: 0x00000000A41FE940 R15: 0x0000000000000000
4372.  
4373. Memory from 0x00000000F0E85744
4374. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4375. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4376. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4377. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4378. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4379.  
4380. Stack Trace
4381. 0: ZwDelayExecution 0x00000014
4382. 1: SleepEx 0x000000A7
4383. 2: LogHelp_LogAssert 0x00000B13
4384. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
4385. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
4386. 12: DllCanUnloadNowInternal 0x00000BE3
4387. 13: DllCanUnloadNowInternal 0x00000AA3
4388. 14: DllCanUnloadNowInternal 0x000012F5
4389. 15: GetPrivateContextsPerfCounters 0x00007B79
4390. 16: DllCanUnloadNowInternal 0x000019A9
4391. 17: DllCanUnloadNowInternal 0x00001924
4392. 18: DllCanUnloadNowInternal 0x00001862
4393. 19: DllCanUnloadNowInternal 0x000019E3
4394. 20: GetPrivateContextsPerfCounters 0x00007A5B
4395. 21: InstallCustomModule 0x00001C7F
4396. 22: BaseThreadInitThunk 0x00000022
4397. 23: RtlUserThreadStart 0x00000034
4398.  
4399.  
4400.  
4401. ------------------------------
4402. THREAD ID: 0x00001648
4403. got context
4404. Module path: C:\Windows\SYSTEM32\ntdll.dll
4405. PC: 0x0000000070B35764 ModuleOffset: 0x00000000F0E85764
4406. RAX: 0x00000000D3488A9F RBX: 0x0000000000000001 RCX: 0x00000000A45FE690
4407. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x000000000000003E
4408. RSP: 0x00000000A45FE658 RIP: 0x00000000F0E85764 RBP: 0x000000000000003E
4409. R8 : 0x00000000A45FE658 R9 : 0x000000000000003E R10: 0x0000000000000000
4410. R11: 0x0000000000000246 R12: 0x0000000000000000 R13: 0x00000000A45FEC70
4411. R14: 0x00000000A45FE680 R15: 0x0000000000000000
4412.  
4413. Memory from 0x00000000F0E85744
4414. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4415. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4416. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4417. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4418. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4419.  
4420. Stack Trace
4421. 0: ZwDelayExecution 0x00000014
4422. 1: SleepEx 0x000000A7
4423. 2: LogHelp_LogAssert 0x00000B13
4424. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
4425. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
4426. 12: DllCanUnloadNowInternal 0x00000BE3
4427. 13: DllCanUnloadNowInternal 0x00000AA3
4428. 14: DllCanUnloadNowInternal 0x000012F5
4429. 15: GetPrivateContextsPerfCounters 0x00007B79
4430. 16: DllCanUnloadNowInternal 0x000019A9
4431. 17: DllCanUnloadNowInternal 0x00001924
4432. 18: DllCanUnloadNowInternal 0x00001862
4433. 19: DllCanUnloadNowInternal 0x000019E3
4434. 20: GetPrivateContextsPerfCounters 0x00007A5B
4435. 21: InstallCustomModule 0x00001C7F
4436. 22: BaseThreadInitThunk 0x00000022
4437. 23: RtlUserThreadStart 0x00000034
4438.  
4439.  
4440.  
4441. ------------------------------
4442. THREAD ID: 0x00001224
4443. got context
4444. Module path: C:\Windows\SYSTEM32\ntdll.dll
4445. PC: 0x0000000070B35764 ModuleOffset: 0x00000000F0E85764
4446. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000000
4447. RDX: 0x0000000006544BB7 RDI: 0x0000000000000000 RSI: 0x000000000000003E
4448. RSP: 0x00000000A49FE8D8 RIP: 0x00000000F0E85764 RBP: 0x000000000000003E
4449. R8 : 0x000000000000003E R9 : 0x000000000000003E R10: 0x0000000000000000
4450. R11: 0x00000000A49FE8B0 R12: 0x0000000000000000 R13: 0x00000000A49FEEF0
4451. R14: 0x00000000A49FE900 R15: 0x0000000000000000
4452.  
4453. Memory from 0x00000000F0E85744
4454. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4455. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4456. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4457. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4458. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4459.  
4460. Stack Trace
4461. 0: ZwDelayExecution 0x00000014
4462. 1: SleepEx 0x000000A7
4463. 2: LogHelp_LogAssert 0x00000B13
4464. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
4465. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
4466. 12: DllCanUnloadNowInternal 0x00000BE3
4467. 13: DllCanUnloadNowInternal 0x00000AA3
4468. 14: DllCanUnloadNowInternal 0x000012F5
4469. 15: GetPrivateContextsPerfCounters 0x00007B79
4470. 16: DllCanUnloadNowInternal 0x000019A9
4471. 17: DllCanUnloadNowInternal 0x00001924
4472. 18: DllCanUnloadNowInternal 0x00001862
4473. 19: DllCanUnloadNowInternal 0x000019E3
4474. 20: GetPrivateContextsPerfCounters 0x00007A5B
4475. 21: InstallCustomModule 0x00001C7F
4476. 22: BaseThreadInitThunk 0x00000022
4477. 23: RtlUserThreadStart 0x00000034
4478.  
4479.  
4480.  
4481. ------------------------------
4482. THREAD ID: 0x00001388
4483. got context
4484. Module path: C:\Windows\SYSTEM32\ntdll.dll
4485. PC: 0x0000000070B35764 ModuleOffset: 0x00000000F0E85764
4486. RAX: 0x0000000006545099 RBX: 0x0000000000000001 RCX: 0x000000000000003E
4487. RDX: 0x0000000000000001 RDI: 0x0000000000000000 RSI: 0x000000000000003E
4488. RSP: 0x00000000A4DFE938 RIP: 0x00000000F0E85764 RBP: 0x000000000000003E
4489. R8 : 0x0000000004000000 R9 : 0x000000009B927390 R10: 0x0000000000000000
4490. R11: 0x000000009B927390 R12: 0x0000000000000000 R13: 0x00000000A4DFEF50
4491. R14: 0x00000000A4DFE960 R15: 0x0000000000000000
4492.  
4493. Memory from 0x00000000F0E85744
4494. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4495. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4496. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4497. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4498. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4499.  
4500. Stack Trace
4501. 0: ZwDelayExecution 0x00000014
4502. 1: SleepEx 0x000000A7
4503. 2: LogHelp_LogAssert 0x00000B13
4504. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
4505. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
4506. 12: DllCanUnloadNowInternal 0x00000BE3
4507. 13: DllCanUnloadNowInternal 0x00000AA3
4508. 14: DllCanUnloadNowInternal 0x000012F5
4509. 15: GetPrivateContextsPerfCounters 0x00007B79
4510. 16: DllCanUnloadNowInternal 0x000019A9
4511. 17: DllCanUnloadNowInternal 0x00001924
4512. 18: DllCanUnloadNowInternal 0x00001862
4513. 19: DllCanUnloadNowInternal 0x000019E3
4514. 20: GetPrivateContextsPerfCounters 0x00007A5B
4515. 21: InstallCustomModule 0x00001C7F
4516. 22: BaseThreadInitThunk 0x00000022
4517. 23: RtlUserThreadStart 0x00000034
4518.  
4519.  
4520.  
4521. ------------------------------
4522. THREAD ID: 0x0000382C
4523. got context
4524. Module path: C:\Windows\SYSTEM32\ntdll.dll
4525. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
4526. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000E05101C0
4527. RDX: 0x00000000E02E1000 RDI: 0x000000000000129C RSI: 0x00000000FFFFFFFF
4528. RSP: 0x00000000913AF878 RIP: 0x00000000F0E85164 RBP: 0x00000000913AFA10
4529. R8 : 0x0000000000000000 R9 : 0x00000000913AF6B0 R10: 0x00000000E02E1000
4530. R11: 0x00000000913AF650 R12: 0x0000000000000000 R13: 0x0000000000000000
4531. R14: 0x0000000000000000 R15: 0x0000000000000000
4532.  
4533. Memory from 0x00000000F0E85144
4534. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4535. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4536. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4537. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4538. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4539.  
4540. Stack Trace
4541. 0: NtWaitForSingleObject 0x00000014
4542. 1: WaitForSingleObjectEx 0x0000008F
4543. 2: DllCanUnloadNowInternal 0x000007C7
4544. 3: BaseThreadInitThunk 0x00000022
4545. 4: RtlUserThreadStart 0x00000034
4546.  
4547.  
4548.  
4549. ------------------------------
4550. THREAD ID: 0x0000199C
4551. got context
4552. Module path: C:\Windows\SYSTEM32\ntdll.dll
4553. PC: 0x0000000070B35764 ModuleOffset: 0x00000000F0E85764
4554. RAX: 0x00000000804D3020 RBX: 0x0000000000000001 RCX: 0x00000000BEFCB2F8
4555. RDX: 0x0000000000000090 RDI: 0x0000000000000000 RSI: 0x000000000000003E
4556. RSP: 0x00000000A51FE598 RIP: 0x00000000F0E85764 RBP: 0x000000000000003E
4557. R8 : 0x000000000000003E R9 : 0x000000000000003E R10: 0x0000000000000000
4558. R11: 0x00000000A51FE810 R12: 0x0000000000000000 R13: 0x00000000A51FEBB0
4559. R14: 0x00000000A51FE5C0 R15: 0x0000000000000000
4560.  
4561. Memory from 0x00000000F0E85744
4562. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4563. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4564. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4565. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4566. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4567.  
4568. Stack Trace
4569. 0: ZwDelayExecution 0x00000014
4570. 1: SleepEx 0x000000A7
4571. 2: LogHelp_LogAssert 0x00000B13
4572. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
4573. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
4574. 12: DllCanUnloadNowInternal 0x00000BE3
4575. 13: DllCanUnloadNowInternal 0x00000AA3
4576. 14: DllCanUnloadNowInternal 0x000012F5
4577. 15: GetPrivateContextsPerfCounters 0x00007B79
4578. 16: DllCanUnloadNowInternal 0x000019A9
4579. 17: DllCanUnloadNowInternal 0x00001924
4580. 18: DllCanUnloadNowInternal 0x00001862
4581. 19: DllCanUnloadNowInternal 0x000019E3
4582. 20: GetPrivateContextsPerfCounters 0x00007A5B
4583. 21: InstallCustomModule 0x00001C7F
4584. 22: BaseThreadInitThunk 0x00000022
4585. 23: RtlUserThreadStart 0x00000034
4586.  
4587.  
4588.  
4589. ------------------------------
4590. THREAD ID: 0x00002518
4591. got context
4592. Module path: C:\Windows\SYSTEM32\ntdll.dll
4593. PC: 0x0000000070B35764 ModuleOffset: 0x00000000F0E85764
4594. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x00000000F0E85764
4595. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x000000000000003E
4596. RSP: 0x00000000A55FE838 RIP: 0x00000000F0E85764 RBP: 0x000000000000003E
4597. R8 : 0x00000000A55FE838 R9 : 0x000000000000003E R10: 0x0000000000000000
4598. R11: 0x0000000000000246 R12: 0x0000000000000000 R13: 0x00000000A55FEE50
4599. R14: 0x00000000A55FE860 R15: 0x0000000000000000
4600.  
4601. Memory from 0x00000000F0E85744
4602. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4603. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4604. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4605. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4606. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4607.  
4608. Stack Trace
4609. 0: ZwDelayExecution 0x00000014
4610. 1: SleepEx 0x000000A7
4611. 2: LogHelp_LogAssert 0x00000B13
4612. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
4613. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
4614. 12: DllCanUnloadNowInternal 0x00000BE3
4615. 13: DllCanUnloadNowInternal 0x00000AA3
4616. 14: DllCanUnloadNowInternal 0x000012F5
4617. 15: GetPrivateContextsPerfCounters 0x00007B79
4618. 16: DllCanUnloadNowInternal 0x000019A9
4619. 17: DllCanUnloadNowInternal 0x00001924
4620. 18: DllCanUnloadNowInternal 0x00001862
4621. 19: DllCanUnloadNowInternal 0x000019E3
4622. 20: GetPrivateContextsPerfCounters 0x00007A5B
4623. 21: InstallCustomModule 0x00001C7F
4624. 22: BaseThreadInitThunk 0x00000022
4625. 23: RtlUserThreadStart 0x00000034
4626.  
4627.  
4628.  
4629. ------------------------------
4630. THREAD ID: 0x00002DE8
4631. got context
4632. Module path: C:\Windows\SYSTEM32\ntdll.dll
4633. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
4634. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000F0E85164
4635. RDX: 0x0000000000000000 RDI: 0x0000000000000C10 RSI: 0x00000000000007D0
4636. RSP: 0x00000000A59FF8E8 RIP: 0x00000000F0E85164 RBP: 0x0000000000000F00
4637. R8 : 0x00000000A59FF8E8 R9 : 0x0000000000000F00 R10: 0x0000000000000000
4638. R11: 0x0000000000000246 R12: 0x00000000EE20D850 R13: 0x00000000000003C0
4639. R14: 0x00000000A59FF918 R15: 0x0000000000000000
4640.  
4641. Memory from 0x00000000F0E85144
4642. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4643. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4644. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4645. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4646. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4647.  
4648. Stack Trace
4649. 0: NtWaitForSingleObject 0x00000014
4650. 1: WaitForSingleObjectEx 0x0000008F
4651. 2: alcMakeContextCurrent 0x0000E700
4652. 3: alcMakeContextCurrent 0x00006D3D
4653. 4: BaseThreadInitThunk 0x00000022
4654. 5: RtlUserThreadStart 0x00000034
4655.  
4656.  
4657.  
4658. ------------------------------
4659. THREAD ID: 0x000032C8
4660. got context
4661. Module path: C:\Windows\SYSTEM32\ntdll.dll
4662. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
4663. RAX: 0x0000000000000000 RBX: 0x0000000000000002 RCX: 0x00000000E42A9230
4664. RDX: 0x00000000A78034D0 RDI: 0x0000000000000002 RSI: 0x0000000000000000
4665. RSP: 0x00000000A5DFF7B8 RIP: 0x00000000F0E85C34 RBP: 0x00000000000012DC
4666. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
4667. R11: 0x0000000000000000 R12: 0x00000000FFFFFFFF R13: 0x00000000A5DFFAF0
4668. R14: 0x0000000000000000 R15: 0x0000000000000000
4669.  
4670. Memory from 0x00000000F0E85C14
4671. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4672. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4673. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4674. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4675. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4676.  
4677. Stack Trace
4678. 0: ZwWaitForMultipleObjects 0x00000014
4679. 1: WaitForMultipleObjectsEx 0x000000EF
4680. 2: MsgWaitForMultipleObjects 0x000001E9
4681. 3: MsgWaitForMultipleObjects 0x0000006B
4682. 4: GdiplusStartup 0x00002753
4683. 5: GdiplusStartup 0x000026C4
4684. 6: BaseThreadInitThunk 0x00000022
4685. 7: RtlUserThreadStart 0x00000034
4686.  
4687.  
4688.  
4689. ------------------------------
4690. THREAD ID: 0x0000397C
4691. got context
4692. Module path: C:\Windows\SYSTEM32\ntdll.dll
4693. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
4694. RAX: 0x0000000055555556 RBX: 0x0000000000000001 RCX: 0x0000000000000002
4695. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
4696. RSP: 0x00000000A61FE448 RIP: 0x00000000F0E85C34 RBP: 0x00000000A61FE859
4697. R8 : 0x00000000FFFFFFFF R9 : 0x000000008210E7F8 R10: 0x00000000C9CD8000
4698. R11: 0x0000000067E94000 R12: 0x00000000FFFFFFFF R13: 0x00000000A61FE9A0
4699. R14: 0x0000000000000000 R15: 0x0000000000000001
4700.  
4701. Memory from 0x00000000F0E85C14
4702. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4703. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4704. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4705. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4706. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4707.  
4708. Stack Trace
4709. 0: ZwWaitForMultipleObjects 0x00000014
4710. 1: WaitForMultipleObjectsEx 0x000000EF
4711. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
4712. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
4713. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
4714. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
4715. 13: DllCanUnloadNowInternal 0x00000BE3
4716. 14: DllCanUnloadNowInternal 0x00000AA3
4717. 15: DllCanUnloadNowInternal 0x000012F5
4718. 16: GetPrivateContextsPerfCounters 0x00007B79
4719. 17: DllCanUnloadNowInternal 0x000019A9
4720. 18: DllCanUnloadNowInternal 0x00001924
4721. 19: DllCanUnloadNowInternal 0x00001862
4722. 20: DllCanUnloadNowInternal 0x000019E3
4723. 21: GetPrivateContextsPerfCounters 0x00007A5B
4724. 22: InstallCustomModule 0x00001C7F
4725. 23: BaseThreadInitThunk 0x00000022
4726. 24: RtlUserThreadStart 0x00000034
4727.  
4728.  
4729.  
4730. ------------------------------
4731. THREAD ID: 0x00003840
4732. got context
4733. Module path: C:\Windows\SYSTEM32\ntdll.dll
4734. PC: 0x0000000070B35C34 ModuleOffset: 0x00000000F0E85C34
4735. RAX: 0x00000000AF2AB820 RBX: 0x0000000000000001 RCX: 0x000000008A9F0000
4736. RDX: 0x00000000001D0044 RDI: 0x0000000000000001 RSI: 0x0000000000000001
4737. RSP: 0x00000000A65FE0E8 RIP: 0x00000000F0E85C34 RBP: 0x00000000A65FE4F9
4738. R8 : 0x000000001FFF7D43 R9 : 0x0000000000000000 R10: 0x0000000000000000
4739. R11: 0x00000000AF2AB7C0 R12: 0x00000000FFFFFFFF R13: 0x00000000A65FE640
4740. R14: 0x0000000000000000 R15: 0x0000000000000001
4741.  
4742. Memory from 0x00000000F0E85C14
4743. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4744. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4745. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4746. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4747. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4748.  
4749. Stack Trace
4750. 0: ZwWaitForMultipleObjects 0x00000014
4751. 1: WaitForMultipleObjectsEx 0x000000EF
4752. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
4753. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
4754. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
4755. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
4756. 13: DllCanUnloadNowInternal 0x00000BE3
4757. 14: DllCanUnloadNowInternal 0x00000AA3
4758. 15: DllCanUnloadNowInternal 0x000012F5
4759. 16: GetPrivateContextsPerfCounters 0x00007B79
4760. 17: DllCanUnloadNowInternal 0x000019A9
4761. 18: DllCanUnloadNowInternal 0x00001924
4762. 19: DllCanUnloadNowInternal 0x00001862
4763. 20: DllCanUnloadNowInternal 0x000019E3
4764. 21: GetPrivateContextsPerfCounters 0x00007A5B
4765. 22: InstallCustomModule 0x00001C7F
4766. 23: BaseThreadInitThunk 0x00000022
4767. 24: RtlUserThreadStart 0x00000034
4768.  
4769.  
4770.  
4771. ------------------------------
4772. THREAD ID: 0x00001C10
4773. got context
4774. Module path: C:\Windows\SYSTEM32\ntdll.dll
4775. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
4776. RAX: 0x000000004274BFA0 RBX: 0x0000000000000000 RCX: 0x0000000057914D6C
4777. RDX: 0x000000008B66D850 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
4778. RSP: 0x00000000A69FEE18 RIP: 0x00000000F0E85164 RBP: 0x00000000A69FEFA0
4779. R8 : 0x0000000000000000 R9 : 0x000000009B923CE0 R10: 0x0000000000000000
4780. R11: 0x00000000DCAC2290 R12: 0x0000000000000001 R13: 0x0000000000000000
4781. R14: 0x00000000A69FEE48 R15: 0x00000000FFFF0000
4782.  
4783. Memory from 0x00000000F0E85144
4784. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4785. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4786. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4787. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4788. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4789.  
4790. Stack Trace
4791. 0: NtWaitForSingleObject 0x00000014
4792. 1: WaitForSingleObjectEx 0x0000008F
4793. 2: DllCanUnloadNowInternal 0x00002202
4794. 3: DllCanUnloadNowInternal 0x0000237F
4795. 4: DllCanUnloadNowInternal 0x000023EA
4796. 5: InstallCustomModule 0x00001C7F
4797. 6: BaseThreadInitThunk 0x00000022
4798. 7: RtlUserThreadStart 0x00000034
4799.  
4800.  
4801.  
4802. ------------------------------
4803. THREAD ID: 0x00003570
4804. got context
4805. Module path: C:\Windows\SYSTEM32\ntdll.dll
4806. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
4807. RAX: 0x0000000000000020 RBX: 0x0000000000000000 RCX: 0x00000000DD03EC40
4808. RDX: 0x00000000A6DFE39C RDI: 0x0000000000000618 RSI: 0x0000000000004E20
4809. RSP: 0x00000000A6DFF098 RIP: 0x00000000F0E85164 RBP: 0x00000000A6DFF220
4810. R8 : 0x000000008B8ADADC R9 : 0x0000000000000000 R10: 0x0000000000000000
4811. R11: 0x00000000A6DFE5C4 R12: 0x0000000000000001 R13: 0x0000000000000000
4812. R14: 0x00000000A6DFF0C8 R15: 0x00000000FFFF0000
4813.  
4814. Memory from 0x00000000F0E85144
4815. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4816. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4817. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4818. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4819. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4820.  
4821. Stack Trace
4822. 0: NtWaitForSingleObject 0x00000014
4823. 1: WaitForSingleObjectEx 0x0000008F
4824. 2: DllCanUnloadNowInternal 0x00002202
4825. 3: DllCanUnloadNowInternal 0x0000237F
4826. 4: DllCanUnloadNowInternal 0x000023EA
4827. 5: InstallCustomModule 0x00001C7F
4828. 6: BaseThreadInitThunk 0x00000022
4829. 7: RtlUserThreadStart 0x00000034
4830.  
4831.  
4832.  
4833. ------------------------------
4834. THREAD ID: 0x0000222C
4835. got context
4836. Module path: C:\Windows\SYSTEM32\ntdll.dll
4837. PC: 0x0000000070B35164 ModuleOffset: 0x00000000F0E85164
4838. RAX: 0x000000004274BFA0 RBX: 0x0000000000000000 RCX: 0x0000000057914D71
4839. RDX: 0x000000008B70CC98 RDI: 0x0000000000000618 RSI: 0x0000000000004E20
4840. RSP: 0x00000000A71FEFB8 RIP: 0x00000000F0E85164 RBP: 0x00000000A71FF140
4841. R8 : 0x0000000000000000 R9 : 0x000000009B928330 R10: 0x0000000000000000
4842. R11: 0x00000000DCAC2290 R12: 0x0000000000000001 R13: 0x0000000000000000
4843. R14: 0x00000000A71FEFE8 R15: 0x00000000FFFF0000
4844.  
4845. Memory from 0x00000000F0E85144
4846. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4847. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4848. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4849. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4850. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4851.  
4852. Stack Trace
4853. 0: NtWaitForSingleObject 0x00000014
4854. 1: WaitForSingleObjectEx 0x0000008F
4855. 2: DllCanUnloadNowInternal 0x00002202
4856. 3: DllCanUnloadNowInternal 0x0000237F
4857. 4: DllCanUnloadNowInternal 0x000023EA
4858. 5: InstallCustomModule 0x00001C7F
4859. 6: BaseThreadInitThunk 0x00000022
4860. 7: RtlUserThreadStart 0x00000034
4861.  
4862.  
4863.  
4864.  
4865.  
4866. Exception in: C:\Windows\SYSTEM32\ntdll.dll
4867. Exception: Unknown exception
4868. PC: 0x0000000087BA5639 ModuleOffset: 0x00000000B6CD5639
4869.  
4870.  
4871. Module path: C:\Windows\SYSTEM32\ntdll.dll
4872. PC: 0x0000000087BA5639 ModuleOffset: 0x00000000B6CD5639
4873. RAX: 0x0000000000000002 RBX: 0x000000002F2A3CD0 RCX: 0x000000009E376B9C
4874. RDX: 0x0000000000000004 RDI: 0x0000000000000000 RSI: 0x0000000000000014
4875. RSP: 0x000000005587F180 RIP: 0x00000000B6CD5639 RBP: 0x000000002F2A3EB0
4876. R8 : 0x0000000000000009 R9 : 0x0000000000000005 R10: 0x000000009E376B74
4877. R11: 0x0000000000000005 R12: 0x0000000000000000 R13: 0x00000000B6C0E130
4878. R14: 0x0000000000000000 R15: 0x000000002F2A3DB8
4879.  
4880. Memory from 0x00000000B6CD5619
4881. 40 C7 44 24 20 0A 07 00 C0 48 89 54 24 48 4C 89
4882. 44 24 50 C7 44 24 24 01 00 00 00 E8 37 13 F4 FF
4883. 48 8B 8C 24 C0 00 00 00 48 33 CC E8 F7 01 FA FF
4884. 48 81 C4 D8 00 00 00 C3 CC CC CC CC CC CC CC 48
4885. 81 EC D8 00 00 00 48 8B 05 A2 2D 06 00 48 33 C4
4886.  
4887. Stack Trace
4888. 18: - 0x0
4889.  
4890. 17: - 0x0
4891.  
4892. 16: UnhandledExceptionFilter - 0xB3357C70
4893.  
4894. 15: TpDbgDumpHeapUsage - 0xB6CD5420
4895.  
4896. 14: TpDbgDumpHeapUsage - 0xB6CD5420
4897.  
4898. 13: memset - 0xB6C8B900
4899.  
4900. 12: _C_specific_handler - 0xB6C75A90
4901.  
4902. 11: RtlRaiseStatus - 0xB6C84A90
4903.  
4904. 10: _chkstk - 0xB6C89A00
4905.  
4906. 9: RtlImageNtHeaderEx - 0xB6C14B30
4907.  
4908. 8: RtlRaiseException - 0xB6C16970
4909.  
4910. 7: TpDbgDumpHeapUsage - 0xB6CD5420
4911.  
4912. 6: memset - 0xB6C8B900
4913.  
4914. 5: TpSetWaitEx - 0xB6BEA960
4915.  
4916. 4: CsrClientConnectToServer - 0xB6C31EF0
4917.  
4918. 3: TpAllocWait - 0xB6BE9600
4919.  
4920. 2: RtlAcquireSRWLockShared - 0xB6C077C0
4921.  
4922. 1: BaseThreadInitThunk - 0xB47480E0
4923.  
4924. 0: RtlUserThreadStart - 0xB6C3C580
4925.  
4926.  
4927.  
4928. ------------------------------
4929. THREAD ID: 0x00000AF8
4930. got context
4931. Module path: C:\Windows\SYSTEM32\ntdll.dll
4932. PC: 0x0000000087B55B84 ModuleOffset: 0x00000000B6C85B84
4933. RAX: 0x00000000557985B8 RBX: 0x00000000B3302770 RCX: 0x00000000A4FEF8A8
4934. RDX: 0x00000000557985C0 RDI: 0x0000000000000000 RSI: 0x0000000000000000
4935. RSP: 0x00000000483FD798 RIP: 0x00000000B6C85B84 RBP: 0x00000000483FD8A0
4936. R8 : 0x0000000000000001 R9 : 0x0000000000000000 R10: 0x0000000000000003
4937. R11: 0x0000000000000003 R12: 0x0000000040100080 R13: 0x0000000000000000
4938. R14: 0x0000000000000000 R15: 0x0000000000000002
4939.  
4940. Memory from 0x00000000B6C85B64
4941. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4942. 55 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4943. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4944. 56 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4945. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4946.  
4947. Stack Trace
4948. 0: NtCreateFile 0x00000014
4949. 1: DllMain 0x00006FBD
4950. 2: DllMain 0x00006D91
4951. 3: DllMain 0x0000684F
4952. 4: GetMetaDataPublicInterfaceFromInternal 0x00008830
4953. 5: GetMetaDataPublicInterfaceFromInternal 0x0000870D
4954. 11: DllCanUnloadNowInternal 0x00000BE3
4955. 12: DllCanUnloadNowInternal 0x00000AA3
4956. 13: DllCanUnloadNowInternal 0x000012F5
4957. 14: GetCLRFunction 0x00001406
4958. 15: GetCLRFunction 0x00001266
4959. 16: GetCLRFunction 0x00001116
4960. 17: GetCLRFunction 0x000015C4
4961. 18: GetCLRFunction 0x00001542
4962. 19: CorExeMain 0x00000014
4963. 20: CorExeMain 0x0000006D
4964. 21: CorExeMain 0x000000E4
4965. 22: CorExeMain 0x0000000B
4966. 23: BaseThreadInitThunk 0x00000022
4967. 24: RtlUserThreadStart 0x00000034
4968.  
4969.  
4970.  
4971. ------------------------------
4972. THREAD ID: 0x00002B9C
4973. got context
4974. Module path: C:\Windows\SYSTEM32\ntdll.dll
4975. PC: 0x0000000087B587F4 ModuleOffset: 0x00000000B6C887F4
4976. RAX: 0x0000000000000000 RBX: 0x000000002F2A5820 RCX: 0x00000000B07DF142
4977. RDX: 0x00000000B0760000 RDI: 0x000000002F2A5BA0 RSI: 0x0000000000000010
4978. RSP: 0x00000000487FF988 RIP: 0x00000000B6C887F4 RBP: 0x0000000000000000
4979. R8 : 0x00000000487FF0E0 R9 : 0x000000000000006C R10: 0x00000000487FF294
4980. R11: 0x00000000487FEF40 R12: 0x0000000000000000 R13: 0x00000000B6C0E130
4981. R14: 0x00000000B6BE9AF0 R15: 0x000000002F2A2CE0
4982.  
4983. Memory from 0x00000000B6C887D4
4984. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4985. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4986. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4987. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
4988. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
4989.  
4990. Stack Trace
4991. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
4992. 1: RtlAcquireSRWLockShared 0x00003E28
4993. 2: BaseThreadInitThunk 0x00000022
4994. 3: RtlUserThreadStart 0x00000034
4995.  
4996.  
4997.  
4998. ------------------------------
4999. THREAD ID: 0x00002A88
5000. got context
5001. Module path: C:\Windows\SYSTEM32\ntdll.dll
5002. PC: 0x0000000087B587F4 ModuleOffset: 0x00000000B6C887F4
5003. RAX: 0x00000000B2D8E054 RBX: 0x000000002F2A8540 RCX: 0x0000000000000052
5004. RDX: 0x00000000006B90BC RDI: 0x000000002F2A88C0 RSI: 0x0000000000000010
5005. RSP: 0x0000000048BFF5B8 RIP: 0x00000000B6C887F4 RBP: 0x0000000000000000
5006. R8 : 0x00000000000004D0 R9 : 0x00000000000004DD R10: 0x00000000000004C4
5007. R11: 0x00000000B2D8E054 R12: 0x0000000000000000 R13: 0x00000000B6C0E130
5008. R14: 0x00000000B6BE9AF0 R15: 0x000000002F2A2CE0
5009.  
5010. Memory from 0x00000000B6C887D4
5011. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5012. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5013. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5014. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5015. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5016.  
5017. Stack Trace
5018. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
5019. 1: RtlAcquireSRWLockShared 0x00003E28
5020. 2: BaseThreadInitThunk 0x00000022
5021. 3: RtlUserThreadStart 0x00000034
5022.  
5023.  
5024.  
5025. ------------------------------
5026. THREAD ID: 0x00002524
5027. got context
5028. Module path: C:\Windows\SYSTEM32\ntdll.dll
5029. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5030. RAX: 0x0000000000000000 RBX: 0x0000000000000003 RCX: 0x00000000A45FD820
5031. RDX: 0x0000000000000000 RDI: 0x0000000000000003 RSI: 0x0000000000000000
5032. RSP: 0x0000000048FFFA48 RIP: 0x00000000B6C85C34 RBP: 0x0000000048FFFDA9
5033. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
5034. R11: 0x0000000000000000 R12: 0x00000000FFFFFFFF R13: 0x0000000048FFFDB0
5035. R14: 0x0000000000000000 R15: 0x0000000000000000
5036.  
5037. Memory from 0x00000000B6C85C14
5038. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5039. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5040. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5041. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5042. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5043.  
5044. Stack Trace
5045. 0: ZwWaitForMultipleObjects 0x00000014
5046. 1: WaitForMultipleObjectsEx 0x000000EF
5047. 2: InitializeFusion 0x00004832
5048. 3: InitializeFusion 0x0000475D
5049. 4: InitializeFusion 0x00004670
5050. 5: BaseThreadInitThunk 0x00000022
5051. 6: RtlUserThreadStart 0x00000034
5052.  
5053.  
5054.  
5055. ------------------------------
5056. THREAD ID: 0x00001F40
5057. got context
5058. Module path: C:\Windows\SYSTEM32\ntdll.dll
5059. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
5060. RAX: 0x000000002F31F5D0 RBX: 0x0000000000000000 RCX: 0x0000000038A253F8
5061. RDX: 0x0000000086B91B98 RDI: 0x00000000000001A0 RSI: 0x00000000000007D0
5062. RSP: 0x00000000493FF558 RIP: 0x00000000B6C85164 RBP: 0x000000002F31F5D0
5063. R8 : 0x000000000002B220 R9 : 0x00000000493FF770 R10: 0x0000000000000006
5064. R11: 0x0000000000000246 R12: 0x0000000000000000 R13: 0x0000000000000000
5065. R14: 0x00000000493FF588 R15: 0x0000000000000000
5066.  
5067. Memory from 0x00000000B6C85144
5068. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5069. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5070. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5071. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5072. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5073.  
5074. Stack Trace
5075. 0: NtWaitForSingleObject 0x00000014
5076. 1: WaitForSingleObjectEx 0x0000008F
5077. 2: GetMetaDataPublicInterfaceFromInternal 0x00008D67
5078. 3: GetMetaDataPublicInterfaceFromInternal 0x00008D1F
5079. 4: GetMetaDataPublicInterfaceFromInternal 0x00008CE0
5080. 5: GetMetaDataPublicInterfaceFromInternal 0x0004888C
5081. 6: GetMetaDataPublicInterfaceFromInternal 0x000354A4
5082. 7: DllCanUnloadNowInternal 0x000019A9
5083. 8: DllCanUnloadNowInternal 0x00001924
5084. 9: DllCanUnloadNowInternal 0x00001862
5085. 10: GetCLRFunction 0x000007EA
5086. 11: InstallCustomModule 0x00001C7F
5087. 12: BaseThreadInitThunk 0x00000022
5088. 13: RtlUserThreadStart 0x00000034
5089.  
5090.  
5091.  
5092. ------------------------------
5093. THREAD ID: 0x00002384
5094. got context
5095. Module path: C:\Windows\SYSTEM32\ntdll.dll
5096. PC: 0x0000000087B587F4 ModuleOffset: 0x00000000B6C887F4
5097. RAX: 0x00000000B2D64818 RBX: 0x000000002F2B5760 RCX: 0x00000000B2D300E8
5098. RDX: 0x0000000000034818 RDI: 0x000000002F2B5AE0 RSI: 0x0000000000000010
5099. RSP: 0x00000000497FF998 RIP: 0x00000000B6C887F4 RBP: 0x0000000000000000
5100. R8 : 0x00000000000000E8 R9 : 0x00000000497FF4F0 R10: 0x00000000B2D300E8
5101. R11: 0x0000000000000001 R12: 0x0000000000000000 R13: 0x00000000B6C0E130
5102. R14: 0x00000000B6BE9AF0 R15: 0x000000002F2A2CE0
5103.  
5104. Memory from 0x00000000B6C887D4
5105. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5106. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5107. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5108. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5109. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5110.  
5111. Stack Trace
5112. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
5113. 1: RtlAcquireSRWLockShared 0x00003E28
5114. 2: BaseThreadInitThunk 0x00000022
5115. 3: RtlUserThreadStart 0x00000034
5116.  
5117.  
5118.  
5119. ------------------------------
5120. THREAD ID: 0x00002C28
5121. got context
5122. Module path: C:\Windows\SYSTEM32\ntdll.dll
5123. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
5124. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x000000004ABFFCF0
5125. RDX: 0x0000000000000000 RDI: 0x000000000000035C RSI: 0x0000000000000064
5126. RSP: 0x000000004ABFFC18 RIP: 0x00000000B6C85164 RBP: 0x0000000000000064
5127. R8 : 0x000000004ABFFC18 R9 : 0x0000000000000064 R10: 0x0000000000000000
5128. R11: 0x0000000000000246 R12: 0x0000000000000000 R13: 0x00000000747DB560
5129. R14: 0x000000004ABFFC48 R15: 0x0000000000000000
5130.  
5131. Memory from 0x00000000B6C85144
5132. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5133. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5134. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5135. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5136. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5137.  
5138. Stack Trace
5139. 0: NtWaitForSingleObject 0x00000014
5140. 1: WaitForSingleObjectEx 0x0000008F
5141. 2: DrvValidateVersion 0x00009E7A
5142. 5: DrvValidateVersion 0x0000AA8B
5143. 6: BaseThreadInitThunk 0x00000022
5144. 7: RtlUserThreadStart 0x00000034
5145.  
5146.  
5147.  
5148. ------------------------------
5149. THREAD ID: 0x00001E68
5150. got context
5151. Module path: C:\Windows\SYSTEM32\ntdll.dll
5152. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
5153. RAX: 0x00000000796CB590 RBX: 0x0000000000000000 RCX: 0x00000000794E3760
5154. RDX: 0x000000000000006C RDI: 0x0000000000000430 RSI: 0x00000000FFFFFFFF
5155. RSP: 0x000000004B3FF7D8 RIP: 0x00000000B6C85164 RBP: 0x000000004A00C0B8
5156. R8 : 0x00000000FFFFFFFF R9 : 0x0000000078220000 R10: 0x0000000000000000
5157. R11: 0x0000000000000200 R12: 0x0000000000000000 R13: 0x0000000000000000
5158. R14: 0x0000000000000000 R15: 0x0000000000000000
5159.  
5160. Memory from 0x00000000B6C85144
5161. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5162. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5163. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5164. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5165. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5166.  
5167. Stack Trace
5168. 0: NtWaitForSingleObject 0x00000014
5169. 1: WaitForSingleObjectEx 0x0000008F
5170. 2: glIsTextureEXT 0x0022990A
5171. 3: glIsTextureEXT 0x0022B2C0
5172. 4: glIsTextureEXT 0x00229756
5173. 5: wglRealizeLayerPalette 0x00B1A333
5174. 6: wglRealizeLayerPalette 0x00B1A57E
5175. 7: BaseThreadInitThunk 0x00000022
5176. 8: RtlUserThreadStart 0x00000034
5177.  
5178.  
5179.  
5180. ------------------------------
5181. THREAD ID: 0x00002100
5182. got context
5183. Module path: C:\Windows\SYSTEM32\ntdll.dll
5184. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
5185. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x000000007918A09C
5186. RDX: 0x00000000498E2E70 RDI: 0x0000000000000444 RSI: 0x00000000FFFFFFFF
5187. RSP: 0x000000004B7FF628 RIP: 0x00000000B6C85164 RBP: 0x000000004A00C248
5188. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
5189. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x0000000000000000
5190. R14: 0x0000000000000000 R15: 0x0000000000000000
5191.  
5192. Memory from 0x00000000B6C85144
5193. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5194. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5195. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5196. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5197. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5198.  
5199. Stack Trace
5200. 0: NtWaitForSingleObject 0x00000014
5201. 1: WaitForSingleObjectEx 0x0000008F
5202. 2: glIsTextureEXT 0x0022990A
5203. 3: glIsTextureEXT 0x0022B2C0
5204. 4: glIsTextureEXT 0x00229756
5205. 5: wglRealizeLayerPalette 0x00B1A333
5206. 6: wglRealizeLayerPalette 0x00B1A57E
5207. 7: BaseThreadInitThunk 0x00000022
5208. 8: RtlUserThreadStart 0x00000034
5209.  
5210.  
5211.  
5212. ------------------------------
5213. THREAD ID: 0x00000C10
5214. got context
5215. Module path: C:\Windows\SYSTEM32\ntdll.dll
5216. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
5217. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x000000007918A09C
5218. RDX: 0x00000000498E17A0 RDI: 0x0000000000000458 RSI: 0x00000000FFFFFFFF
5219. RSP: 0x000000004BBFFAB8 RIP: 0x00000000B6C85164 RBP: 0x000000004A00C3D8
5220. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
5221. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x0000000000000000
5222. R14: 0x0000000000000000 R15: 0x0000000000000000
5223.  
5224. Memory from 0x00000000B6C85144
5225. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5226. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5227. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5228. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5229. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5230.  
5231. Stack Trace
5232. 0: NtWaitForSingleObject 0x00000014
5233. 1: WaitForSingleObjectEx 0x0000008F
5234. 2: glIsTextureEXT 0x0022990A
5235. 3: glIsTextureEXT 0x0022B2C0
5236. 4: glIsTextureEXT 0x00229756
5237. 5: wglRealizeLayerPalette 0x00B1A333
5238. 6: wglRealizeLayerPalette 0x00B1A57E
5239. 7: BaseThreadInitThunk 0x00000022
5240. 8: RtlUserThreadStart 0x00000034
5241.  
5242.  
5243.  
5244. ------------------------------
5245. THREAD ID: 0x00002C7C
5246. got context
5247. Module path: C:\Windows\SYSTEM32\ntdll.dll
5248. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
5249. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x000000007918A09C
5250. RDX: 0x00000000498E3300 RDI: 0x000000000000046C RSI: 0x00000000FFFFFFFF
5251. RSP: 0x000000004BFFF7B8 RIP: 0x00000000B6C85164 RBP: 0x000000004A00C568
5252. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
5253. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x0000000000000000
5254. R14: 0x0000000000000000 R15: 0x0000000000000000
5255.  
5256. Memory from 0x00000000B6C85144
5257. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5258. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5259. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5260. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5261. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5262.  
5263. Stack Trace
5264. 0: NtWaitForSingleObject 0x00000014
5265. 1: WaitForSingleObjectEx 0x0000008F
5266. 2: glIsTextureEXT 0x0022990A
5267. 3: glIsTextureEXT 0x0022B2C0
5268. 4: glIsTextureEXT 0x00229756
5269. 5: wglRealizeLayerPalette 0x00B1A333
5270. 6: wglRealizeLayerPalette 0x00B1A57E
5271. 7: BaseThreadInitThunk 0x00000022
5272. 8: RtlUserThreadStart 0x00000034
5273.  
5274.  
5275.  
5276. ------------------------------
5277. THREAD ID: 0x00002460
5278. got context
5279. Module path: C:\Windows\SYSTEM32\ntdll.dll
5280. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
5281. RAX: 0x0000000000190000 RBX: 0x0000000000000001 RCX: 0x0000000000000014
5282. RDX: 0x0000000000000106 RDI: 0x0000000000000538 RSI: 0x00000000FFFFFFFF
5283. RSP: 0x000000004C3FFA28 RIP: 0x00000000B6C85164 RBP: 0x0000000000000000
5284. R8 : 0x0000000000000001 R9 : 0x0000000049F00000 R10: 0x0000000000000000
5285. R11: 0x000000002F2A0150 R12: 0x0000000000000000 R13: 0x0000000000000000
5286. R14: 0x0000000000000000 R15: 0x0000000000000000
5287.  
5288. Memory from 0x00000000B6C85144
5289. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5290. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5291. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5292. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5293. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5294.  
5295. Stack Trace
5296. 0: NtWaitForSingleObject 0x00000014
5297. 1: WaitForSingleObjectEx 0x0000008F
5298. 2: RasSignalMonitorThreadExit 0x00000316
5299. 3: BaseThreadInitThunk 0x00000022
5300. 4: RtlUserThreadStart 0x00000034
5301.  
5302.  
5303.  
5304. ------------------------------
5305. THREAD ID: 0x00000280
5306. got context
5307. Module path: C:\Windows\SYSTEM32\ntdll.dll
5308. PC: 0x0000000087B55764 ModuleOffset: 0x00000000B6C85764
5309. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x000000004A049EE0
5310. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x0000000000007530
5311. RSP: 0x000000004C7FF908 RIP: 0x00000000B6C85764 RBP: 0x0000000000000000
5312. R8 : 0x000000002F3C1140 R9 : 0x0000000000000000 R10: 0x0000000000000000
5313. R11: 0x0000000000000064 R12: 0x0000000000000000 R13: 0x00000000B6C0E130
5314. R14: 0x000000004C7FF930 R15: 0x000000002F2A3EB0
5315.  
5316. Memory from 0x00000000B6C85744
5317. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5318. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5319. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5320. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5321. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5322.  
5323. Stack Trace
5324. 0: ZwDelayExecution 0x00000014
5325. 1: SleepEx 0x000000A7
5326. 2: WinHttpTimeToSystemTime 0x00008586
5327. 3: WinHttpTimeToSystemTime 0x00008489
5328. 4: TpAllocWait 0x00000305
5329. 5: RtlAcquireSRWLockShared 0x0000453E
5330. 6: BaseThreadInitThunk 0x00000022
5331. 7: RtlUserThreadStart 0x00000034
5332.  
5333.  
5334.  
5335. ------------------------------
5336. THREAD ID: 0x000027C8
5337. got context
5338. Module path: C:\Windows\SYSTEM32\ntdll.dll
5339. PC: 0x0000000087B587F4 ModuleOffset: 0x00000000B6C887F4
5340. RAX: 0x0000000000000001 RBX: 0x000000002F2B5020 RCX: 0x0000000000010652
5341. RDX: 0x0000000000008013 RDI: 0x000000002F2B53A0 RSI: 0x0000000000000010
5342. RSP: 0x000000004CBFF3F8 RIP: 0x00000000B6C887F4 RBP: 0x0000000000000000
5343. R8 : 0x000000004CBFED90 R9 : 0x0000000000000000 R10: 0x0000000000000000
5344. R11: 0x000000004CBFEDA4 R12: 0x0000000000000000 R13: 0x00000000B6C0E130
5345. R14: 0x00000000B6BE9AF0 R15: 0x000000002F2A3EB0
5346.  
5347. Memory from 0x00000000B6C887D4
5348. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5349. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5350. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5351. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5352. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5353.  
5354. Stack Trace
5355. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
5356. 1: RtlAcquireSRWLockShared 0x00003E28
5357. 2: BaseThreadInitThunk 0x00000022
5358. 3: RtlUserThreadStart 0x00000034
5359.  
5360.  
5361.  
5362. ------------------------------
5363. THREAD ID: 0x00000B90
5364. got context
5365. Module path: C:\Windows\SYSTEM32\ntdll.dll
5366. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5367. RAX: 0x0000000047FAB758 RBX: 0x0000000000000001 RCX: 0x000000004A052DE0
5368. RDX: 0x00000000B4C30C70 RDI: 0x0000000000000001 RSI: 0x0000000000000000
5369. RSP: 0x000000004CFFF7E8 RIP: 0x00000000B6C85C34 RBP: 0x00000000000005D8
5370. R8 : 0x0000000000000097 R9 : 0x0000000000000000 R10: 0x0000000000000000
5371. R11: 0x000000004A05A1A0 R12: 0x00000000FFFFFFFF R13: 0x000000004CFFFB40
5372. R14: 0x0000000000000000 R15: 0x0000000000000000
5373.  
5374. Memory from 0x00000000B6C85C14
5375. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5376. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5377. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5378. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5379. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5380.  
5381. Stack Trace
5382. 0: ZwWaitForMultipleObjects 0x00000014
5383. 1: WaitForMultipleObjectsEx 0x000000EF
5384. 2: RoGetActivationFactory 0x0000FE0F
5385. 3: InternalReleaseMarshalObjRef 0x00000BD8
5386. 4: RoGetActivationFactory 0x0000FCD7
5387. 5: InternalReleaseMarshalObjRef 0x000014CC
5388. 6: BaseThreadInitThunk 0x00000022
5389. 7: RtlUserThreadStart 0x00000034
5390.  
5391.  
5392.  
5393. ------------------------------
5394. THREAD ID: 0x00001EB8
5395. got context
5396. Module path: C:\Windows\SYSTEM32\ntdll.dll
5397. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5398. RAX: 0x00000000000000C0 RBX: 0x0000000000000003 RCX: 0x0000000000000000
5399. RDX: 0x0000000000000000 RDI: 0x0000000000000003 RSI: 0x0000000000000001
5400. RSP: 0x0000000047D4F4E8 RIP: 0x00000000B6C85C34 RBP: 0x0000000000000000
5401. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
5402. R11: 0x0000000000000000 R12: 0x00000000FFFFFFFF R13: 0x000000004A0A5DF8
5403. R14: 0x0000000000000000 R15: 0x0000000000000000
5404.  
5405. Memory from 0x00000000B6C85C14
5406. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5407. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5408. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5409. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5410. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5411.  
5412. Stack Trace
5413. 0: ZwWaitForMultipleObjects 0x00000014
5414. 1: WaitForMultipleObjectsEx 0x000000EF
5415. 2: CreateAssemblyNameObject 0x00057D94
5416. 3: BaseThreadInitThunk 0x00000022
5417. 4: RtlUserThreadStart 0x00000034
5418.  
5419.  
5420.  
5421. ------------------------------
5422. THREAD ID: 0x00002014
5423. got context
5424. Module path: C:\Windows\SYSTEM32\ntdll.dll
5425. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5426. RAX: 0x00000000311E4760 RBX: 0x0000000000000001 RCX: 0x00000000311E4760
5427. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
5428. RSP: 0x000000004D3FEBF8 RIP: 0x00000000B6C85C34 RBP: 0x000000004D3FF009
5429. R8 : 0x000000004D3FEE98 R9 : 0x000000004D3FEF40 R10: 0x0000000000000000
5430. R11: 0x000000004D3FEF40 R12: 0x00000000FFFFFFFF R13: 0x000000004D3FF150
5431. R14: 0x0000000000000000 R15: 0x0000000000000001
5432.  
5433. Memory from 0x00000000B6C85C14
5434. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5435. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5436. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5437. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5438. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5439.  
5440. Stack Trace
5441. 0: ZwWaitForMultipleObjects 0x00000014
5442. 1: WaitForMultipleObjectsEx 0x000000EF
5443. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
5444. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
5445. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
5446. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
5447. 13: DllCanUnloadNowInternal 0x00000BE3
5448. 14: DllCanUnloadNowInternal 0x00000AA3
5449. 15: DllCanUnloadNowInternal 0x000012F5
5450. 16: GetPrivateContextsPerfCounters 0x00007B79
5451. 17: DllCanUnloadNowInternal 0x000019A9
5452. 18: DllCanUnloadNowInternal 0x00001924
5453. 19: DllCanUnloadNowInternal 0x00001862
5454. 20: DllCanUnloadNowInternal 0x000019E3
5455. 21: GetPrivateContextsPerfCounters 0x00007A5B
5456. 22: InstallCustomModule 0x00001C7F
5457. 23: BaseThreadInitThunk 0x00000022
5458. 24: RtlUserThreadStart 0x00000034
5459.  
5460.  
5461.  
5462. ------------------------------
5463. THREAD ID: 0x0000221C
5464. got context
5465. Module path: C:\Windows\SYSTEM32\ntdll.dll
5466. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5467. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000001BC0
5468. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
5469. RSP: 0x000000004D7FEB08 RIP: 0x00000000B6C85C34 RBP: 0x000000004D7FEF19
5470. R8 : 0x00000000000157F0 R9 : 0x0000000000000000 R10: 0x00000000A4E48528
5471. R11: 0x00000000429013D0 R12: 0x00000000FFFFFFFF R13: 0x000000004D7FF060
5472. R14: 0x0000000000000000 R15: 0x0000000000000001
5473.  
5474. Memory from 0x00000000B6C85C14
5475. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5476. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5477. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5478. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5479. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5480.  
5481. Stack Trace
5482. 0: ZwWaitForMultipleObjects 0x00000014
5483. 1: WaitForMultipleObjectsEx 0x000000EF
5484. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
5485. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
5486. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
5487. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
5488. 13: DllCanUnloadNowInternal 0x00000BE3
5489. 14: DllCanUnloadNowInternal 0x00000AA3
5490. 15: DllCanUnloadNowInternal 0x000012F5
5491. 16: GetPrivateContextsPerfCounters 0x00007B79
5492. 17: DllCanUnloadNowInternal 0x000019A9
5493. 18: DllCanUnloadNowInternal 0x00001924
5494. 19: DllCanUnloadNowInternal 0x00001862
5495. 20: DllCanUnloadNowInternal 0x000019E3
5496. 21: GetPrivateContextsPerfCounters 0x00007A5B
5497. 22: InstallCustomModule 0x00001C7F
5498. 23: BaseThreadInitThunk 0x00000022
5499. 24: RtlUserThreadStart 0x00000034
5500.  
5501.  
5502.  
5503. ------------------------------
5504. THREAD ID: 0x00001FF8
5505. got context
5506. Module path: C:\Windows\SYSTEM32\ntdll.dll
5507. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5508. RAX: 0x00000000A8A290C0 RBX: 0x0000000000000001 RCX: 0x00000000911F7662
5509. RDX: 0x0000000055E7A546 RDI: 0x0000000000000001 RSI: 0x0000000000000001
5510. RSP: 0x000000004DBFE958 RIP: 0x00000000B6C85C34 RBP: 0x000000004DBFED69
5511. R8 : 0x0000000055E7A523 R9 : 0x0000000000000001 R10: 0x000000003895F590
5512. R11: 0x0000000044E01A68 R12: 0x00000000FFFFFFFF R13: 0x000000004DBFEEB0
5513. R14: 0x0000000000000000 R15: 0x0000000000000001
5514.  
5515. Memory from 0x00000000B6C85C14
5516. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5517. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5518. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5519. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5520. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5521.  
5522. Stack Trace
5523. 0: ZwWaitForMultipleObjects 0x00000014
5524. 1: WaitForMultipleObjectsEx 0x000000EF
5525. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
5526. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
5527. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
5528. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
5529. 13: DllCanUnloadNowInternal 0x00000BE3
5530. 14: DllCanUnloadNowInternal 0x00000AA3
5531. 15: DllCanUnloadNowInternal 0x000012F5
5532. 16: GetPrivateContextsPerfCounters 0x00007B79
5533. 17: DllCanUnloadNowInternal 0x000019A9
5534. 18: DllCanUnloadNowInternal 0x00001924
5535. 19: DllCanUnloadNowInternal 0x00001862
5536. 20: DllCanUnloadNowInternal 0x000019E3
5537. 21: GetPrivateContextsPerfCounters 0x00007A5B
5538. 22: InstallCustomModule 0x00001C7F
5539. 23: BaseThreadInitThunk 0x00000022
5540. 24: RtlUserThreadStart 0x00000034
5541.  
5542.  
5543.  
5544. ------------------------------
5545. THREAD ID: 0x00001D04
5546. got context
5547. Module path: C:\Windows\SYSTEM32\ntdll.dll
5548. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5549. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x000000004DFFED30
5550. RDX: 0x00000000311E5B48 RDI: 0x0000000000000001 RSI: 0x0000000000000001
5551. RSP: 0x000000004DFFE798 RIP: 0x00000000B6C85C34 RBP: 0x000000004DFFEBA9
5552. R8 : 0x000000004DFFEC60 R9 : 0x0000000000000000 R10: 0x0000000000000000
5553. R11: 0x000000007C7533C0 R12: 0x00000000FFFFFFFF R13: 0x000000004DFFECF0
5554. R14: 0x0000000000000000 R15: 0x0000000000000001
5555.  
5556. Memory from 0x00000000B6C85C14
5557. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5558. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5559. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5560. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5561. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5562.  
5563. Stack Trace
5564. 0: ZwWaitForMultipleObjects 0x00000014
5565. 1: WaitForMultipleObjectsEx 0x000000EF
5566. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
5567. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
5568. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
5569. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
5570. 13: DllCanUnloadNowInternal 0x00000BE3
5571. 14: DllCanUnloadNowInternal 0x00000AA3
5572. 15: DllCanUnloadNowInternal 0x000012F5
5573. 16: GetPrivateContextsPerfCounters 0x00007B79
5574. 17: DllCanUnloadNowInternal 0x000019A9
5575. 18: DllCanUnloadNowInternal 0x00001924
5576. 19: DllCanUnloadNowInternal 0x00001862
5577. 20: DllCanUnloadNowInternal 0x000019E3
5578. 21: GetPrivateContextsPerfCounters 0x00007A5B
5579. 22: InstallCustomModule 0x00001C7F
5580. 23: BaseThreadInitThunk 0x00000022
5581. 24: RtlUserThreadStart 0x00000034
5582.  
5583.  
5584.  
5585. ------------------------------
5586. THREAD ID: 0x00002BD8
5587. got context
5588. Module path: C:\Windows\SYSTEM32\ntdll.dll
5589. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5590. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x00000000000012C0
5591. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
5592. RSP: 0x000000004E3FE6E8 RIP: 0x00000000B6C85C34 RBP: 0x000000004E3FEAF9
5593. R8 : 0x0000000000002000 R9 : 0x0000000000000000 R10: 0x00000000A4E48258
5594. R11: 0x0000000038ADBA90 R12: 0x00000000FFFFFFFF R13: 0x000000004E3FEC40
5595. R14: 0x0000000000000000 R15: 0x0000000000000001
5596.  
5597. Memory from 0x00000000B6C85C14
5598. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5599. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5600. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5601. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5602. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5603.  
5604. Stack Trace
5605. 0: ZwWaitForMultipleObjects 0x00000014
5606. 1: WaitForMultipleObjectsEx 0x000000EF
5607. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
5608. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
5609. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
5610. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
5611. 13: DllCanUnloadNowInternal 0x00000BE3
5612. 14: DllCanUnloadNowInternal 0x00000AA3
5613. 15: DllCanUnloadNowInternal 0x000012F5
5614. 16: GetPrivateContextsPerfCounters 0x00007B79
5615. 17: DllCanUnloadNowInternal 0x000019A9
5616. 18: DllCanUnloadNowInternal 0x00001924
5617. 19: DllCanUnloadNowInternal 0x00001862
5618. 20: DllCanUnloadNowInternal 0x000019E3
5619. 21: GetPrivateContextsPerfCounters 0x00007A5B
5620. 22: InstallCustomModule 0x00001C7F
5621. 23: BaseThreadInitThunk 0x00000022
5622. 24: RtlUserThreadStart 0x00000034
5623.  
5624.  
5625.  
5626. ------------------------------
5627. THREAD ID: 0x00000914
5628. got context
5629. Module path: C:\Windows\SYSTEM32\ntdll.dll
5630. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5631. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000001E98
5632. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
5633. RSP: 0x000000004E7FE618 RIP: 0x00000000B6C85C34 RBP: 0x000000004E7FEA29
5634. R8 : 0x0000000000015920 R9 : 0x0000000000000000 R10: 0x00000000A4E48528
5635. R11: 0x00000000414BA578 R12: 0x00000000FFFFFFFF R13: 0x000000004E7FEB70
5636. R14: 0x0000000000000000 R15: 0x0000000000000001
5637.  
5638. Memory from 0x00000000B6C85C14
5639. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5640. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5641. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5642. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5643. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5644.  
5645. Stack Trace
5646. 0: ZwWaitForMultipleObjects 0x00000014
5647. 1: WaitForMultipleObjectsEx 0x000000EF
5648. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
5649. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
5650. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
5651. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
5652. 13: DllCanUnloadNowInternal 0x00000BE3
5653. 14: DllCanUnloadNowInternal 0x00000AA3
5654. 15: DllCanUnloadNowInternal 0x000012F5
5655. 16: GetPrivateContextsPerfCounters 0x00007B79
5656. 17: DllCanUnloadNowInternal 0x000019A9
5657. 18: DllCanUnloadNowInternal 0x00001924
5658. 19: DllCanUnloadNowInternal 0x00001862
5659. 20: DllCanUnloadNowInternal 0x000019E3
5660. 21: GetPrivateContextsPerfCounters 0x00007A5B
5661. 22: InstallCustomModule 0x00001C7F
5662. 23: BaseThreadInitThunk 0x00000022
5663. 24: RtlUserThreadStart 0x00000034
5664.  
5665.  
5666.  
5667. ------------------------------
5668. THREAD ID: 0x000004DC
5669. got context
5670. Module path: C:\Windows\SYSTEM32\ntdll.dll
5671. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5672. RAX: 0x0000000000000B60 RBX: 0x0000000000000001 RCX: 0x0000000038AF6370
5673. RDX: 0x000000000000001D RDI: 0x0000000000000001 RSI: 0x0000000000000001
5674. RSP: 0x000000004EBFE6F8 RIP: 0x00000000B6C85C34 RBP: 0x000000004EBFEB09
5675. R8 : 0x0000000038AF636C R9 : 0x0000000000000000 R10: 0x0000000000000FD2
5676. R11: 0x00000000499D5740 R12: 0x00000000FFFFFFFF R13: 0x000000004EBFEC50
5677. R14: 0x0000000000000000 R15: 0x0000000000000001
5678.  
5679. Memory from 0x00000000B6C85C14
5680. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5681. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5682. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5683. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5684. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5685.  
5686. Stack Trace
5687. 0: ZwWaitForMultipleObjects 0x00000014
5688. 1: WaitForMultipleObjectsEx 0x000000EF
5689. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
5690. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
5691. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
5692. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
5693. 13: DllCanUnloadNowInternal 0x00000BE3
5694. 14: DllCanUnloadNowInternal 0x00000AA3
5695. 15: DllCanUnloadNowInternal 0x000012F5
5696. 16: GetPrivateContextsPerfCounters 0x00007B79
5697. 17: DllCanUnloadNowInternal 0x000019A9
5698. 18: DllCanUnloadNowInternal 0x00001924
5699. 19: DllCanUnloadNowInternal 0x00001862
5700. 20: DllCanUnloadNowInternal 0x000019E3
5701. 21: GetPrivateContextsPerfCounters 0x00007A5B
5702. 22: InstallCustomModule 0x00001C7F
5703. 23: BaseThreadInitThunk 0x00000022
5704. 24: RtlUserThreadStart 0x00000034
5705.  
5706.  
5707.  
5708. ------------------------------
5709. THREAD ID: 0x00000FDC
5710. got context
5711. Module path: C:\Windows\SYSTEM32\ntdll.dll
5712. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5713. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000001EC8
5714. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
5715. RSP: 0x000000004EFFE8B8 RIP: 0x00000000B6C85C34 RBP: 0x000000004EFFECC9
5716. R8 : 0x00000000000160C0 R9 : 0x0000000000000000 R10: 0x00000000A4E48528
5717. R11: 0x0000000041409E08 R12: 0x00000000FFFFFFFF R13: 0x000000004EFFEE10
5718. R14: 0x0000000000000000 R15: 0x0000000000000001
5719.  
5720. Memory from 0x00000000B6C85C14
5721. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5722. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5723. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5724. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5725. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5726.  
5727. Stack Trace
5728. 0: ZwWaitForMultipleObjects 0x00000014
5729. 1: WaitForMultipleObjectsEx 0x000000EF
5730. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
5731. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
5732. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
5733. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
5734. 13: DllCanUnloadNowInternal 0x00000BE3
5735. 14: DllCanUnloadNowInternal 0x00000AA3
5736. 15: DllCanUnloadNowInternal 0x000012F5
5737. 16: GetPrivateContextsPerfCounters 0x00007B79
5738. 17: DllCanUnloadNowInternal 0x000019A9
5739. 18: DllCanUnloadNowInternal 0x00001924
5740. 19: DllCanUnloadNowInternal 0x00001862
5741. 20: DllCanUnloadNowInternal 0x000019E3
5742. 21: GetPrivateContextsPerfCounters 0x00007A5B
5743. 22: InstallCustomModule 0x00001C7F
5744. 23: BaseThreadInitThunk 0x00000022
5745. 24: RtlUserThreadStart 0x00000034
5746.  
5747.  
5748.  
5749. ------------------------------
5750. THREAD ID: 0x000024E4
5751. got context
5752. Module path: C:\Windows\SYSTEM32\ntdll.dll
5753. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5754. RAX: 0x000000004A252C90 RBX: 0x0000000000000001 RCX: 0x000000004A24BBE0
5755. RDX: 0x000000000000051C RDI: 0x0000000000000001 RSI: 0x0000000000000001
5756. RSP: 0x000000004F3FE278 RIP: 0x00000000B6C85C34 RBP: 0x000000004F3FE689
5757. R8 : 0x0000000000000001 R9 : 0x00000000499D70A0 R10: 0x0000000000000001
5758. R11: 0x00000000A16972D8 R12: 0x00000000FFFFFFFF R13: 0x000000004F3FE7D0
5759. R14: 0x0000000000000000 R15: 0x0000000000000001
5760.  
5761. Memory from 0x00000000B6C85C14
5762. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5763. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5764. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5765. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5766. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5767.  
5768. Stack Trace
5769. 0: ZwWaitForMultipleObjects 0x00000014
5770. 1: WaitForMultipleObjectsEx 0x000000EF
5771. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
5772. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
5773. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
5774. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
5775. 13: DllCanUnloadNowInternal 0x00000BE3
5776. 14: DllCanUnloadNowInternal 0x00000AA3
5777. 15: DllCanUnloadNowInternal 0x000012F5
5778. 16: GetPrivateContextsPerfCounters 0x00007B79
5779. 17: DllCanUnloadNowInternal 0x000019A9
5780. 18: DllCanUnloadNowInternal 0x00001924
5781. 19: DllCanUnloadNowInternal 0x00001862
5782. 20: DllCanUnloadNowInternal 0x000019E3
5783. 21: GetPrivateContextsPerfCounters 0x00007A5B
5784. 22: InstallCustomModule 0x00001C7F
5785. 23: BaseThreadInitThunk 0x00000022
5786. 24: RtlUserThreadStart 0x00000034
5787.  
5788.  
5789.  
5790. ------------------------------
5791. THREAD ID: 0x000028BC
5792. got context
5793. Module path: C:\Windows\SYSTEM32\ntdll.dll
5794. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5795. RAX: 0x0000000000000AFD RBX: 0x0000000000000001 RCX: 0x0000000038AF7078
5796. RDX: 0x000000000000001D RDI: 0x0000000000000001 RSI: 0x0000000000000001
5797. RSP: 0x000000004F7FE5D8 RIP: 0x00000000B6C85C34 RBP: 0x000000004F7FE9E9
5798. R8 : 0x0000000038AF7074 R9 : 0x0000000000000000 R10: 0x0000000000000FD2
5799. R11: 0x000000004A105420 R12: 0x00000000FFFFFFFF R13: 0x000000004F7FEB30
5800. R14: 0x0000000000000000 R15: 0x0000000000000001
5801.  
5802. Memory from 0x00000000B6C85C14
5803. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5804. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5805. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5806. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5807. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5808.  
5809. Stack Trace
5810. 0: ZwWaitForMultipleObjects 0x00000014
5811. 1: WaitForMultipleObjectsEx 0x000000EF
5812. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
5813. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
5814. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
5815. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
5816. 13: DllCanUnloadNowInternal 0x00000BE3
5817. 14: DllCanUnloadNowInternal 0x00000AA3
5818. 15: DllCanUnloadNowInternal 0x000012F5
5819. 16: GetPrivateContextsPerfCounters 0x00007B79
5820. 17: DllCanUnloadNowInternal 0x000019A9
5821. 18: DllCanUnloadNowInternal 0x00001924
5822. 19: DllCanUnloadNowInternal 0x00001862
5823. 20: DllCanUnloadNowInternal 0x000019E3
5824. 21: GetPrivateContextsPerfCounters 0x00007A5B
5825. 22: InstallCustomModule 0x00001C7F
5826. 23: BaseThreadInitThunk 0x00000022
5827. 24: RtlUserThreadStart 0x00000034
5828.  
5829.  
5830.  
5831. ------------------------------
5832. THREAD ID: 0x00000EC4
5833. got context
5834. Module path: C:\Windows\SYSTEM32\ntdll.dll
5835. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5836. RAX: 0x000000000000123C RBX: 0x0000000000000001 RCX: 0x0000000038C48228
5837. RDX: 0x0000000000000001 RDI: 0x0000000000000001 RSI: 0x0000000000000001
5838. RSP: 0x000000004FBFE578 RIP: 0x00000000B6C85C34 RBP: 0x000000004FBFE989
5839. R8 : 0x0000000038C48224 R9 : 0x0000000000000000 R10: 0x0000000000008E62
5840. R11: 0x0000000049BAB460 R12: 0x00000000FFFFFFFF R13: 0x000000004FBFEAD0
5841. R14: 0x0000000000000000 R15: 0x0000000000000001
5842.  
5843. Memory from 0x00000000B6C85C14
5844. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5845. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5846. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5847. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5848. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5849.  
5850. Stack Trace
5851. 0: ZwWaitForMultipleObjects 0x00000014
5852. 1: WaitForMultipleObjectsEx 0x000000EF
5853. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
5854. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
5855. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
5856. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
5857. 13: DllCanUnloadNowInternal 0x00000BE3
5858. 14: DllCanUnloadNowInternal 0x00000AA3
5859. 15: DllCanUnloadNowInternal 0x000012F5
5860. 16: GetPrivateContextsPerfCounters 0x00007B79
5861. 17: DllCanUnloadNowInternal 0x000019A9
5862. 18: DllCanUnloadNowInternal 0x00001924
5863. 19: DllCanUnloadNowInternal 0x00001862
5864. 20: DllCanUnloadNowInternal 0x000019E3
5865. 21: GetPrivateContextsPerfCounters 0x00007A5B
5866. 22: InstallCustomModule 0x00001C7F
5867. 23: BaseThreadInitThunk 0x00000022
5868. 24: RtlUserThreadStart 0x00000034
5869.  
5870.  
5871.  
5872. ------------------------------
5873. THREAD ID: 0x0000074C
5874. got context
5875. Module path: C:\Windows\SYSTEM32\ntdll.dll
5876. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5877. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x00000000A1584E1A
5878. RDX: 0x0000000000000001 RDI: 0x0000000000000001 RSI: 0x0000000000000001
5879. RSP: 0x000000004FFFE1E8 RIP: 0x00000000B6C85C34 RBP: 0x000000004FFFE5F9
5880. R8 : 0x0000000000000020 R9 : 0x00000000A1C01D30 R10: 0x0000000000000000
5881. R11: 0x00000000499DA240 R12: 0x00000000FFFFFFFF R13: 0x000000004FFFE740
5882. R14: 0x0000000000000000 R15: 0x0000000000000001
5883.  
5884. Memory from 0x00000000B6C85C14
5885. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5886. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5887. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5888. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5889. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5890.  
5891. Stack Trace
5892. 0: ZwWaitForMultipleObjects 0x00000014
5893. 1: WaitForMultipleObjectsEx 0x000000EF
5894. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
5895. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
5896. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
5897. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
5898. 13: DllCanUnloadNowInternal 0x00000BE3
5899. 14: DllCanUnloadNowInternal 0x00000AA3
5900. 15: DllCanUnloadNowInternal 0x000012F5
5901. 16: GetPrivateContextsPerfCounters 0x00007B79
5902. 17: DllCanUnloadNowInternal 0x000019A9
5903. 18: DllCanUnloadNowInternal 0x00001924
5904. 19: DllCanUnloadNowInternal 0x00001862
5905. 20: DllCanUnloadNowInternal 0x000019E3
5906. 21: GetPrivateContextsPerfCounters 0x00007A5B
5907. 22: InstallCustomModule 0x00001C7F
5908. 23: BaseThreadInitThunk 0x00000022
5909. 24: RtlUserThreadStart 0x00000034
5910.  
5911.  
5912.  
5913. ------------------------------
5914. THREAD ID: 0x00001398
5915. got context
5916. Module path: C:\Windows\SYSTEM32\ntdll.dll
5917. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5918. RAX: 0x0000000000000A10 RBX: 0x0000000000000001 RCX: 0x00000000311E44E0
5919. RDX: 0x000000000000001F RDI: 0x0000000000000001 RSI: 0x0000000000000001
5920. RSP: 0x00000000503FE178 RIP: 0x00000000B6C85C34 RBP: 0x00000000503FE589
5921. R8 : 0x00000000311E44DC R9 : 0x0000000000000000 R10: 0x0000000000008E62
5922. R11: 0x00000000499DAEF0 R12: 0x00000000FFFFFFFF R13: 0x00000000503FE6D0
5923. R14: 0x0000000000000000 R15: 0x0000000000000001
5924.  
5925. Memory from 0x00000000B6C85C14
5926. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5927. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5928. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5929. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5930. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5931.  
5932. Stack Trace
5933. 0: ZwWaitForMultipleObjects 0x00000014
5934. 1: WaitForMultipleObjectsEx 0x000000EF
5935. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
5936. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
5937. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
5938. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
5939. 13: DllCanUnloadNowInternal 0x00000BE3
5940. 14: DllCanUnloadNowInternal 0x00000AA3
5941. 15: DllCanUnloadNowInternal 0x000012F5
5942. 16: GetPrivateContextsPerfCounters 0x00007B79
5943. 17: DllCanUnloadNowInternal 0x000019A9
5944. 18: DllCanUnloadNowInternal 0x00001924
5945. 19: DllCanUnloadNowInternal 0x00001862
5946. 20: DllCanUnloadNowInternal 0x000019E3
5947. 21: GetPrivateContextsPerfCounters 0x00007A5B
5948. 22: InstallCustomModule 0x00001C7F
5949. 23: BaseThreadInitThunk 0x00000022
5950. 24: RtlUserThreadStart 0x00000034
5951.  
5952.  
5953.  
5954. ------------------------------
5955. THREAD ID: 0x0000022C
5956. got context
5957. Module path: C:\Windows\SYSTEM32\ntdll.dll
5958. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
5959. RAX: 0x0000000000001203 RBX: 0x0000000000000001 RCX: 0x0000000038BDF568
5960. RDX: 0x0000000000000001 RDI: 0x0000000000000001 RSI: 0x0000000000000001
5961. RSP: 0x00000000507FE1F8 RIP: 0x00000000B6C85C34 RBP: 0x00000000507FE609
5962. R8 : 0x0000000038BDF564 R9 : 0x0000000000000000 R10: 0x0000000000008E62
5963. R11: 0x00000000499DBBA0 R12: 0x00000000FFFFFFFF R13: 0x00000000507FE750
5964. R14: 0x0000000000000000 R15: 0x0000000000000001
5965.  
5966. Memory from 0x00000000B6C85C14
5967. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5968. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5969. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5970. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
5971. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
5972.  
5973. Stack Trace
5974. 0: ZwWaitForMultipleObjects 0x00000014
5975. 1: WaitForMultipleObjectsEx 0x000000EF
5976. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
5977. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
5978. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
5979. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
5980. 13: DllCanUnloadNowInternal 0x00000BE3
5981. 14: DllCanUnloadNowInternal 0x00000AA3
5982. 15: DllCanUnloadNowInternal 0x000012F5
5983. 16: GetPrivateContextsPerfCounters 0x00007B79
5984. 17: DllCanUnloadNowInternal 0x000019A9
5985. 18: DllCanUnloadNowInternal 0x00001924
5986. 19: DllCanUnloadNowInternal 0x00001862
5987. 20: DllCanUnloadNowInternal 0x000019E3
5988. 21: GetPrivateContextsPerfCounters 0x00007A5B
5989. 22: InstallCustomModule 0x00001C7F
5990. 23: BaseThreadInitThunk 0x00000022
5991. 24: RtlUserThreadStart 0x00000034
5992.  
5993.  
5994.  
5995. ------------------------------
5996. THREAD ID: 0x000022B0
5997. got context
5998. Module path: C:\Windows\SYSTEM32\ntdll.dll
5999. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
6000. RAX: 0x00000000A4508C80 RBX: 0x0000000000000001 RCX: 0x0000000000000000
6001. RDX: 0x00000000A1AC9028 RDI: 0x0000000000000001 RSI: 0x0000000000000001
6002. RSP: 0x0000000050BFE448 RIP: 0x00000000B6C85C34 RBP: 0x0000000050BFE859
6003. R8 : 0x000000001821A747 R9 : 0x0000000000880088 R10: 0x00000000A165B178
6004. R11: 0x0000000000000000 R12: 0x00000000FFFFFFFF R13: 0x0000000050BFE9A0
6005. R14: 0x0000000000000000 R15: 0x0000000000000001
6006.  
6007. Memory from 0x00000000B6C85C14
6008. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6009. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6010. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6011. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6012. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6013.  
6014. Stack Trace
6015. 0: ZwWaitForMultipleObjects 0x00000014
6016. 1: WaitForMultipleObjectsEx 0x000000EF
6017. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
6018. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
6019. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
6020. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
6021. 13: DllCanUnloadNowInternal 0x00000BE3
6022. 14: DllCanUnloadNowInternal 0x00000AA3
6023. 15: DllCanUnloadNowInternal 0x000012F5
6024. 16: GetPrivateContextsPerfCounters 0x00007B79
6025. 17: DllCanUnloadNowInternal 0x000019A9
6026. 18: DllCanUnloadNowInternal 0x00001924
6027. 19: DllCanUnloadNowInternal 0x00001862
6028. 20: DllCanUnloadNowInternal 0x000019E3
6029. 21: GetPrivateContextsPerfCounters 0x00007A5B
6030. 22: InstallCustomModule 0x00001C7F
6031. 23: BaseThreadInitThunk 0x00000022
6032. 24: RtlUserThreadStart 0x00000034
6033.  
6034.  
6035.  
6036. ------------------------------
6037. THREAD ID: 0x0000036C
6038. got context
6039. Module path: C:\Windows\SYSTEM32\ntdll.dll
6040. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
6041. RAX: 0x00000000000010DD RBX: 0x0000000000000001 RCX: 0x00000000388A9408
6042. RDX: 0x000000000000001F RDI: 0x0000000000000001 RSI: 0x0000000000000001
6043. RSP: 0x0000000050FFDF18 RIP: 0x00000000B6C85C34 RBP: 0x0000000050FFE329
6044. R8 : 0x00000000388A9404 R9 : 0x0000000000000000 R10: 0x0000000000002F76
6045. R11: 0x0000000049BB9BE0 R12: 0x00000000FFFFFFFF R13: 0x0000000050FFE470
6046. R14: 0x0000000000000000 R15: 0x0000000000000001
6047.  
6048. Memory from 0x00000000B6C85C14
6049. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6050. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6051. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6052. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6053. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6054.  
6055. Stack Trace
6056. 0: ZwWaitForMultipleObjects 0x00000014
6057. 1: WaitForMultipleObjectsEx 0x000000EF
6058. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
6059. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
6060. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
6061. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
6062. 13: DllCanUnloadNowInternal 0x00000BE3
6063. 14: DllCanUnloadNowInternal 0x00000AA3
6064. 15: DllCanUnloadNowInternal 0x000012F5
6065. 16: GetPrivateContextsPerfCounters 0x00007B79
6066. 17: DllCanUnloadNowInternal 0x000019A9
6067. 18: DllCanUnloadNowInternal 0x00001924
6068. 19: DllCanUnloadNowInternal 0x00001862
6069. 20: DllCanUnloadNowInternal 0x000019E3
6070. 21: GetPrivateContextsPerfCounters 0x00007A5B
6071. 22: InstallCustomModule 0x00001C7F
6072. 23: BaseThreadInitThunk 0x00000022
6073. 24: RtlUserThreadStart 0x00000034
6074.  
6075.  
6076.  
6077. ------------------------------
6078. THREAD ID: 0x000010B8
6079. got context
6080. Module path: C:\Windows\SYSTEM32\ntdll.dll
6081. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
6082. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000035F2A9F0
6083. RDX: 0x0000000035F2A9F0 RDI: 0x0000000000000608 RSI: 0x0000000000004E20
6084. RSP: 0x00000000513FF0F8 RIP: 0x00000000B6C85164 RBP: 0x00000000513FF280
6085. R8 : 0x0000000000000000 R9 : 0x00000000513FE858 R10: 0x00000000A1C54708
6086. R11: 0x00000000311EA9F0 R12: 0x0000000000000001 R13: 0x0000000000000000
6087. R14: 0x00000000513FF128 R15: 0x00000000FFFF0000
6088.  
6089. Memory from 0x00000000B6C85144
6090. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6091. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6092. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6093. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6094. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6095.  
6096. Stack Trace
6097. 0: NtWaitForSingleObject 0x00000014
6098. 1: WaitForSingleObjectEx 0x0000008F
6099. 2: DllCanUnloadNowInternal 0x00002202
6100. 3: DllCanUnloadNowInternal 0x0000237F
6101. 4: DllCanUnloadNowInternal 0x000023EA
6102. 5: InstallCustomModule 0x00001C7F
6103. 6: BaseThreadInitThunk 0x00000022
6104. 7: RtlUserThreadStart 0x00000034
6105.  
6106.  
6107.  
6108. ------------------------------
6109. THREAD ID: 0x00000BB8
6110. got context
6111. Module path: C:\Windows\SYSTEM32\ntdll.dll
6112. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
6113. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000B6C85764
6114. RDX: 0x0000000000000000 RDI: 0x0000000000000608 RSI: 0x0000000000004E20
6115. RSP: 0x00000000517FEEE8 RIP: 0x00000000B6C85164 RBP: 0x00000000517FF070
6116. R8 : 0x00000000517FEF78 R9 : 0x0000000000000000 R10: 0x0000000000000000
6117. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
6118. R14: 0x00000000517FEF18 R15: 0x00000000FFFF0000
6119.  
6120. Memory from 0x00000000B6C85144
6121. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6122. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6123. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6124. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6125. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6126.  
6127. Stack Trace
6128. 0: NtWaitForSingleObject 0x00000014
6129. 1: WaitForSingleObjectEx 0x0000008F
6130. 2: DllCanUnloadNowInternal 0x00002202
6131. 3: DllCanUnloadNowInternal 0x0000237F
6132. 4: DllCanUnloadNowInternal 0x000023EA
6133. 5: InstallCustomModule 0x00001C7F
6134. 6: BaseThreadInitThunk 0x00000022
6135. 7: RtlUserThreadStart 0x00000034
6136.  
6137.  
6138.  
6139. ------------------------------
6140. THREAD ID: 0x00002288
6141. got context
6142. Module path: C:\Windows\SYSTEM32\ntdll.dll
6143. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
6144. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000B6C85764
6145. RDX: 0x0000000000000000 RDI: 0x0000000000000608 RSI: 0x0000000000004E20
6146. RSP: 0x0000000051BFEC48 RIP: 0x00000000B6C85164 RBP: 0x0000000051BFEDD0
6147. R8 : 0x0000000051BFECD8 R9 : 0x0000000000000000 R10: 0x0000000000000000
6148. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
6149. R14: 0x0000000051BFEC78 R15: 0x00000000FFFF0000
6150.  
6151. Memory from 0x00000000B6C85144
6152. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6153. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6154. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6155. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6156. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6157.  
6158. Stack Trace
6159. 0: NtWaitForSingleObject 0x00000014
6160. 1: WaitForSingleObjectEx 0x0000008F
6161. 2: DllCanUnloadNowInternal 0x00002202
6162. 3: DllCanUnloadNowInternal 0x0000237F
6163. 4: DllCanUnloadNowInternal 0x000023EA
6164. 5: InstallCustomModule 0x00001C7F
6165. 6: BaseThreadInitThunk 0x00000022
6166. 7: RtlUserThreadStart 0x00000034
6167.  
6168.  
6169.  
6170. ------------------------------
6171. THREAD ID: 0x000017DC
6172. got context
6173. Module path: C:\Windows\SYSTEM32\ntdll.dll
6174. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
6175. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000035ED1DB8
6176. RDX: 0x0000000035ED1DB8 RDI: 0x0000000000000608 RSI: 0x0000000000004E20
6177. RSP: 0x0000000051FFEDC8 RIP: 0x00000000B6C85164 RBP: 0x0000000051FFEF50
6178. R8 : 0x0000000000000000 R9 : 0x0000000051FFE4A8 R10: 0x00000000A1C54708
6179. R11: 0x00000000311EA9F0 R12: 0x0000000000000001 R13: 0x0000000000000000
6180. R14: 0x0000000051FFEDF8 R15: 0x00000000FFFF0000
6181.  
6182. Memory from 0x00000000B6C85144
6183. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6184. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6185. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6186. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6187. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6188.  
6189. Stack Trace
6190. 0: NtWaitForSingleObject 0x00000014
6191. 1: WaitForSingleObjectEx 0x0000008F
6192. 2: DllCanUnloadNowInternal 0x00002202
6193. 3: DllCanUnloadNowInternal 0x0000237F
6194. 4: DllCanUnloadNowInternal 0x000023EA
6195. 5: InstallCustomModule 0x00001C7F
6196. 6: BaseThreadInitThunk 0x00000022
6197. 7: RtlUserThreadStart 0x00000034
6198.  
6199.  
6200.  
6201. ------------------------------
6202. THREAD ID: 0x00001978
6203. got context
6204. Module path: C:\Windows\SYSTEM32\ntdll.dll
6205. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
6206. RAX: 0x00000000FE89DE40 RBX: 0x0000000000000000 RCX: 0x000000004A86FBB5
6207. RDX: 0x0000000038D64800 RDI: 0x0000000000000608 RSI: 0x0000000000004E20
6208. RSP: 0x00000000523FF018 RIP: 0x00000000B6C85164 RBP: 0x00000000523FF1A0
6209. R8 : 0x0000000038D64800 R9 : 0x00000000456F2698 R10: 0x0000000045E920F0
6210. R11: 0x0000000049BBAB80 R12: 0x0000000000000001 R13: 0x0000000000000000
6211. R14: 0x00000000523FF048 R15: 0x00000000FFFF0000
6212.  
6213. Memory from 0x00000000B6C85144
6214. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6215. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6216. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6217. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6218. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6219.  
6220. Stack Trace
6221. 0: NtWaitForSingleObject 0x00000014
6222. 1: WaitForSingleObjectEx 0x0000008F
6223. 2: DllCanUnloadNowInternal 0x00002202
6224. 3: DllCanUnloadNowInternal 0x0000237F
6225. 4: DllCanUnloadNowInternal 0x000023EA
6226. 5: InstallCustomModule 0x00001C7F
6227. 6: BaseThreadInitThunk 0x00000022
6228. 7: RtlUserThreadStart 0x00000034
6229.  
6230.  
6231.  
6232. ------------------------------
6233. THREAD ID: 0x00001A78
6234. got context
6235. Module path: C:\Windows\SYSTEM32\ntdll.dll
6236. PC: 0x0000000087B551A4 ModuleOffset: 0x00000000B6C851A4
6237. RAX: 0x0000000000000001 RBX: 0x00000000527FE498 RCX: 0x0000000000000000
6238. RDX: 0x000000000000000A RDI: 0x0000000000000000 RSI: 0x00000000000012E4
6239. RSP: 0x00000000527FE2F8 RIP: 0x00000000B6C851A4 RBP: 0x00000000527FE450
6240. R8 : 0x00000000FFFEFFF5 R9 : 0x0000000000000000 R10: 0x0000000000000000
6241. R11: 0x00000000527FEED0 R12: 0x0000000000000001 R13: 0x00000000527FE970
6242. R14: 0x0000000000000000 R15: 0x0000000000000000
6243.  
6244. Memory from 0x00000000B6C85184
6245. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6246. 06 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6247. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6248. 07 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6249. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6250.  
6251. Stack Trace
6252. 0: ZwReadFile 0x00000014
6253.  
6254.  
6255.  
6256. ------------------------------
6257. THREAD ID: 0x00002504
6258. got context
6259. Module path: C:\Windows\SYSTEM32\ntdll.dll
6260. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
6261. RAX: 0x0000000040000024 RBX: 0x0000000000000000 RCX: 0x00000000B6C85764
6262. RDX: 0x0000000000000000 RDI: 0x0000000000000608 RSI: 0x0000000000004E20
6263. RSP: 0x0000000052BFEF38 RIP: 0x00000000B6C85164 RBP: 0x0000000052BFF0C0
6264. R8 : 0x0000000052BFEFC8 R9 : 0x0000000000000000 R10: 0x0000000000000000
6265. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
6266. R14: 0x0000000052BFEF68 R15: 0x00000000FFFF0000
6267.  
6268. Memory from 0x00000000B6C85144
6269. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6270. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6271. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6272. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6273. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6274.  
6275. Stack Trace
6276. 0: NtWaitForSingleObject 0x00000014
6277. 1: WaitForSingleObjectEx 0x0000008F
6278. 2: DllCanUnloadNowInternal 0x00002202
6279. 3: DllCanUnloadNowInternal 0x0000237F
6280. 4: DllCanUnloadNowInternal 0x000023EA
6281. 5: InstallCustomModule 0x00001C7F
6282. 6: BaseThreadInitThunk 0x00000022
6283. 7: RtlUserThreadStart 0x00000034
6284.  
6285.  
6286.  
6287. ------------------------------
6288. THREAD ID: 0x00001908
6289. got context
6290. Module path: C:\Windows\SYSTEM32\ntdll.dll
6291. PC: 0x0000000087B551A4 ModuleOffset: 0x00000000B6C851A4
6292. RAX: 0x0000000000000001 RBX: 0x0000000052FFE458 RCX: 0x0000000000000000
6293. RDX: 0x000000000000000A RDI: 0x0000000000000000 RSI: 0x00000000000012E4
6294. RSP: 0x0000000052FFE2B8 RIP: 0x00000000B6C851A4 RBP: 0x0000000052FFE410
6295. R8 : 0x00000000FFFEFFF5 R9 : 0x0000000000000000 R10: 0x0000000000000000
6296. R11: 0x0000000052FFEE90 R12: 0x0000000000000001 R13: 0x0000000052FFE930
6297. R14: 0x0000000000000000 R15: 0x0000000000000000
6298.  
6299. Memory from 0x00000000B6C85184
6300. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6301. 06 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6302. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6303. 07 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6304. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6305.  
6306. Stack Trace
6307. 0: ZwReadFile 0x00000014
6308. 1: ReadFile 0x00000074
6309. 14: DllCanUnloadNowInternal 0x00000BE3
6310. 15: DllCanUnloadNowInternal 0x00000AA3
6311. 16: DllCanUnloadNowInternal 0x000012F5
6312. 17: DllCanUnloadNowInternal 0x00003009
6313. 18: DllCanUnloadNowInternal 0x000019A9
6314. 19: DllCanUnloadNowInternal 0x00001924
6315. 20: DllCanUnloadNowInternal 0x00001862
6316. 21: DllCanUnloadNowInternal 0x000019E3
6317. 22: DllCanUnloadNowInternal 0x00002F70
6318. 23: DllCanUnloadNowInternal 0x00001E9C
6319. 24: DllCanUnloadNowInternal 0x00001BC5
6320. 25: InstallCustomModule 0x00001C7F
6321. 26: BaseThreadInitThunk 0x00000022
6322. 27: RtlUserThreadStart 0x00000034
6323.  
6324.  
6325.  
6326. ------------------------------
6327. THREAD ID: 0x000037F0
6328. got context
6329. Module path: C:\Windows\SYSTEM32\ntdll.dll
6330. PC: 0x0000000087B551A4 ModuleOffset: 0x00000000B6C851A4
6331. RAX: 0x0000000040000024 RBX: 0x00000000533FE678 RCX: 0x00000000B6C85764
6332. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x00000000000012EC
6333. RSP: 0x00000000533FE4D8 RIP: 0x00000000B6C851A4 RBP: 0x00000000533FE630
6334. R8 : 0x00000000533FEFE8 R9 : 0x0000000000000000 R10: 0x0000000000000000
6335. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x00000000533FEB50
6336. R14: 0x0000000000000000 R15: 0x0000000000000000
6337.  
6338. Memory from 0x00000000B6C85184
6339. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6340. 06 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6341. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6342. 07 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6343. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6344.  
6345. Stack Trace
6346. 0: ZwReadFile 0x00000014
6347. 1: ReadFile 0x00000074
6348. 14: DllCanUnloadNowInternal 0x00000BE3
6349. 15: DllCanUnloadNowInternal 0x00000AA3
6350. 16: DllCanUnloadNowInternal 0x000012F5
6351. 17: DllCanUnloadNowInternal 0x00003009
6352. 18: DllCanUnloadNowInternal 0x000019A9
6353. 19: DllCanUnloadNowInternal 0x00001924
6354. 20: DllCanUnloadNowInternal 0x00001862
6355. 21: DllCanUnloadNowInternal 0x000019E3
6356. 22: DllCanUnloadNowInternal 0x00002F70
6357. 23: DllCanUnloadNowInternal 0x00001E9C
6358. 24: DllCanUnloadNowInternal 0x00001BC5
6359. 25: InstallCustomModule 0x00001C7F
6360. 26: BaseThreadInitThunk 0x00000022
6361. 27: RtlUserThreadStart 0x00000034
6362.  
6363.  
6364.  
6365. ------------------------------
6366. THREAD ID: 0x00002798
6367. got context
6368. Module path: C:\Windows\SYSTEM32\ntdll.dll
6369. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
6370. RAX: 0x000000000000001A RBX: 0x0000000000000001 RCX: 0x00000000311EF1B0
6371. RDX: 0x0000000000000000 RDI: 0x0000000000000001 RSI: 0x0000000000000001
6372. RSP: 0x00000000537FDB98 RIP: 0x00000000B6C85C34 RBP: 0x00000000537FDFA9
6373. R8 : 0x00000000537FE688 R9 : 0x0000000000000000 R10: 0x0000000000000024
6374. R11: 0x000000000E8EFB77 R12: 0x00000000FFFFFFFF R13: 0x00000000537FE0F0
6375. R14: 0x0000000000000000 R15: 0x0000000000000001
6376.  
6377. Memory from 0x00000000B6C85C14
6378. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6379. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6380. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6381. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6382. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6383.  
6384. Stack Trace
6385. 0: ZwWaitForMultipleObjects 0x00000014
6386. 1: WaitForMultipleObjectsEx 0x000000EF
6387. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
6388. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
6389. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
6390. 5: GetMetaDataPublicInterfaceFromInternal 0x0003EEB5
6391. 17: DllCanUnloadNowInternal 0x00000BE3
6392. 18: DllCanUnloadNowInternal 0x00000AA3
6393. 19: DllCanUnloadNowInternal 0x000012F5
6394. 20: DllCanUnloadNowInternal 0x00003009
6395. 21: DllCanUnloadNowInternal 0x000019A9
6396. 22: DllCanUnloadNowInternal 0x00001924
6397. 23: DllCanUnloadNowInternal 0x00001862
6398. 24: DllCanUnloadNowInternal 0x000019E3
6399. 25: DllCanUnloadNowInternal 0x00002F70
6400. 26: DllCanUnloadNowInternal 0x00001E9C
6401. 27: DllCanUnloadNowInternal 0x00001BC5
6402. 28: InstallCustomModule 0x00001C7F
6403. 29: BaseThreadInitThunk 0x00000022
6404. 30: RtlUserThreadStart 0x00000034
6405.  
6406.  
6407.  
6408. ------------------------------
6409. THREAD ID: 0x00000F6C
6410. got context
6411. Module path: C:\Windows\SYSTEM32\ntdll.dll
6412. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
6413. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x0000000053BFEE78
6414. RDX: 0x0000000000000000 RDI: 0x0000000000000608 RSI: 0x0000000000004E20
6415. RSP: 0x0000000053BFED28 RIP: 0x00000000B6C85164 RBP: 0x0000000053BFEEB0
6416. R8 : 0x0000000047FE4000 R9 : 0x0000000000000000 R10: 0x0000000000000000
6417. R11: 0x0000000053BFEE58 R12: 0x0000000000000001 R13: 0x0000000000000000
6418. R14: 0x0000000053BFED58 R15: 0x00000000FFFF0000
6419.  
6420. Memory from 0x00000000B6C85144
6421. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6422. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6423. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6424. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6425. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6426.  
6427. Stack Trace
6428. 0: NtWaitForSingleObject 0x00000014
6429. 1: WaitForSingleObjectEx 0x0000008F
6430. 2: DllCanUnloadNowInternal 0x00002223
6431. 3: DllCanUnloadNowInternal 0x00002343
6432. 4: DllCanUnloadNowInternal 0x000023EA
6433. 5: InstallCustomModule 0x00001C7F
6434. 6: BaseThreadInitThunk 0x00000022
6435. 7: RtlUserThreadStart 0x00000034
6436.  
6437.  
6438.  
6439. ------------------------------
6440. THREAD ID: 0x000026E4
6441. got context
6442. Module path: C:\Windows\SYSTEM32\ntdll.dll
6443. PC: 0x0000000087B551A4 ModuleOffset: 0x00000000B6C851A4
6444. RAX: 0x0000000000000000 RBX: 0x0000000053FFDDF8 RCX: 0x0000000000000FE0
6445. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x00000000000012E4
6446. RSP: 0x0000000053FFDC58 RIP: 0x00000000B6C851A4 RBP: 0x0000000053FFDDB0
6447. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
6448. R11: 0x0000000038EDBFE0 R12: 0x0000000000000001 R13: 0x0000000053FFE2D0
6449. R14: 0x0000000000000000 R15: 0x0000000000000000
6450.  
6451. Memory from 0x00000000B6C85184
6452. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6453. 06 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6454. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6455. 07 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6456. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6457.  
6458. Stack Trace
6459. 0: ZwReadFile 0x00000014
6460. 1: ReadFile 0x00000074
6461. 14: DllCanUnloadNowInternal 0x00000BE3
6462. 15: DllCanUnloadNowInternal 0x00000AA3
6463. 16: DllCanUnloadNowInternal 0x000012F5
6464. 17: DllCanUnloadNowInternal 0x00003009
6465. 18: DllCanUnloadNowInternal 0x000019A9
6466. 19: DllCanUnloadNowInternal 0x00001924
6467. 20: DllCanUnloadNowInternal 0x00001862
6468. 21: DllCanUnloadNowInternal 0x000019E3
6469. 22: DllCanUnloadNowInternal 0x00002F70
6470. 23: DllCanUnloadNowInternal 0x00001E9C
6471. 24: DllCanUnloadNowInternal 0x00001BC5
6472. 25: InstallCustomModule 0x00001C7F
6473. 26: BaseThreadInitThunk 0x00000022
6474. 27: RtlUserThreadStart 0x00000034
6475.  
6476.  
6477.  
6478. ------------------------------
6479. THREAD ID: 0x00001F24
6480. got context
6481. Module path: C:\Windows\SYSTEM32\ntdll.dll
6482. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
6483. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000B6C85764
6484. RDX: 0x0000000000000000 RDI: 0x0000000000000608 RSI: 0x0000000000004E20
6485. RSP: 0x00000000543FE958 RIP: 0x00000000B6C85164 RBP: 0x00000000543FEAE0
6486. R8 : 0x00000000543FE9E8 R9 : 0x0000000000000000 R10: 0x0000000000000000
6487. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
6488. R14: 0x00000000543FE988 R15: 0x00000000FFFF0000
6489.  
6490. Memory from 0x00000000B6C85144
6491. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6492. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6493. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6494. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6495. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6496.  
6497. Stack Trace
6498. 0: NtWaitForSingleObject 0x00000014
6499. 1: WaitForSingleObjectEx 0x0000008F
6500. 2: DllCanUnloadNowInternal 0x00002202
6501. 3: DllCanUnloadNowInternal 0x0000237F
6502. 4: DllCanUnloadNowInternal 0x000023EA
6503. 5: InstallCustomModule 0x00001C7F
6504. 6: BaseThreadInitThunk 0x00000022
6505. 7: RtlUserThreadStart 0x00000034
6506.  
6507.  
6508.  
6509. ------------------------------
6510. THREAD ID: 0x00001F0C
6511. got context
6512. Module path: C:\Windows\SYSTEM32\ntdll.dll
6513. PC: 0x0000000087B55764 ModuleOffset: 0x00000000B6C85764
6514. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x00000000547FE1B0
6515. RDX: 0x000000007C8E93B0 RDI: 0x0000000000000000 RSI: 0x000000000000003E
6516. RSP: 0x00000000547FDEA8 RIP: 0x00000000B6C85764 RBP: 0x000000000000003E
6517. R8 : 0x0000000000000000 R9 : 0x000000000000003E R10: 0x0000000000000000
6518. R11: 0x0000000049BDA540 R12: 0x0000000000000000 R13: 0x00000000547FE4C0
6519. R14: 0x00000000547FDED0 R15: 0x0000000000000000
6520.  
6521. Memory from 0x00000000B6C85744
6522. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6523. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6524. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6525. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6526. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6527.  
6528. Stack Trace
6529. 0: ZwDelayExecution 0x00000014
6530. 1: SleepEx 0x000000A7
6531. 2: LogHelp_LogAssert 0x00000B13
6532. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
6533. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
6534. 12: DllCanUnloadNowInternal 0x00000BE3
6535. 13: DllCanUnloadNowInternal 0x00000AA3
6536. 14: DllCanUnloadNowInternal 0x000012F5
6537. 15: GetPrivateContextsPerfCounters 0x00007B79
6538. 16: DllCanUnloadNowInternal 0x000019A9
6539. 17: DllCanUnloadNowInternal 0x00001924
6540. 18: DllCanUnloadNowInternal 0x00001862
6541. 19: DllCanUnloadNowInternal 0x000019E3
6542. 20: GetPrivateContextsPerfCounters 0x00007A5B
6543. 21: InstallCustomModule 0x00001C7F
6544. 22: BaseThreadInitThunk 0x00000022
6545. 23: RtlUserThreadStart 0x00000034
6546.  
6547.  
6548.  
6549. ------------------------------
6550. THREAD ID: 0x00002124
6551. got context
6552. Module path: C:\Windows\SYSTEM32\ntdll.dll
6553. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
6554. RAX: 0x0000000000000001 RBX: 0x0000000000000000 RCX: 0x000000004A1B5468
6555. RDX: 0x0000000000010002 RDI: 0x0000000000000164 RSI: 0x00000000FFFFFFFF
6556. RSP: 0x000000005487EA98 RIP: 0x00000000B6C85164 RBP: 0x0000000049BD9D70
6557. R8 : 0x000000002F3C1B00 R9 : 0x0000000000000000 R10: 0x0000000000000000
6558. R11: 0x0000000000000064 R12: 0x0000000000000000 R13: 0x0000000080000000
6559. R14: 0x0000000000000000 R15: 0x0000000000000000
6560.  
6561. Memory from 0x00000000B6C85144
6562. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6563. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6564. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6565. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6566. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6567.  
6568. Stack Trace
6569. 0: NtWaitForSingleObject 0x00000014
6570. 1: WaitForSingleObjectEx 0x0000008F
6571. 2: GetMetaDataPublicInterfaceFromInternal 0x00008D67
6572. 3: GetMetaDataPublicInterfaceFromInternal 0x00008D1F
6573. 4: GetMetaDataPublicInterfaceFromInternal 0x00008CE0
6574. 5: GetPrivateContextsPerfCounters 0x00000E3C
6575. 6: InstallCustomModule 0x00001C7F
6576. 7: BaseThreadInitThunk 0x00000022
6577. 8: RtlUserThreadStart 0x00000034
6578.  
6579.  
6580.  
6581. ------------------------------
6582. THREAD ID: 0x000025F8
6583. got context
6584. Module path: C:\Windows\SYSTEM32\ntdll.dll
6585. PC: 0x0000000087B587F4 ModuleOffset: 0x00000000B6C887F4
6586. RAX: 0x0000000000000000 RBX: 0x000000002F2B4540 RCX: 0x00000000B6C0B350
6587. RDX: 0x000000004A04B310 RDI: 0x0000000000000000 RSI: 0x0000000000000010
6588. RSP: 0x0000000054C7FA58 RIP: 0x00000000B6C887F4 RBP: 0x0000000000000000
6589. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
6590. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x00000000B6C0E130
6591. R14: 0x00000000B6BE9AF0 R15: 0x000000004A04B310
6592.  
6593. Memory from 0x00000000B6C887D4
6594. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6595. B9 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6596. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6597. BA 01 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6598. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6599.  
6600. Stack Trace
6601. 0: ZwWaitForWorkViaWorkerFactory 0x00000014
6602. 1: RtlAcquireSRWLockShared 0x00003E28
6603. 2: BaseThreadInitThunk 0x00000022
6604. 3: RtlUserThreadStart 0x00000034
6605.  
6606.  
6607.  
6608. ------------------------------
6609. THREAD ID: 0x00001014
6610. got context
6611. Module path: C:\Windows\SYSTEM32\ntdll.dll
6612. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
6613. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x00000000B3E664D0
6614. RDX: 0x00000000499BC980 RDI: 0x0000000000000001 RSI: 0x0000000000000000
6615. RSP: 0x000000005507F588 RIP: 0x00000000B6C85C34 RBP: 0x0000000000000000
6616. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
6617. R11: 0x0000000000000000 R12: 0x0000000000003A98 R13: 0x00000000499BC990
6618. R14: 0x000000005507F5E0 R15: 0x0000000000000000
6619.  
6620. Memory from 0x00000000B6C85C14
6621. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6622. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6623. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6624. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6625. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6626.  
6627. Stack Trace
6628. 0: ZwWaitForMultipleObjects 0x00000014
6629. 1: WaitForMultipleObjectsEx 0x000000EF
6630. 2: CryptGetDefaultOIDFunctionAddress 0x00000520
6631. 3: BaseThreadInitThunk 0x00000022
6632. 4: RtlUserThreadStart 0x00000034
6633.  
6634.  
6635.  
6636. ------------------------------
6637. THREAD ID: 0x0000164C
6638. got context
6639. Module path: C:\Windows\SYSTEM32\ntdll.dll
6640. PC: 0x0000000087B56D54 ModuleOffset: 0x00000000B6C86D54
6641. RAX: 0x0000000000000B6A RBX: 0x0000000000000001 RCX: 0x0000000000013FBC
6642. RDX: 0x00000000557F0000 RDI: 0x0000000000001008 RSI: 0x00000000000011DC
6643. RSP: 0x000000005587D968 RIP: 0x00000000B6C86D54 RBP: 0x00000000000010BC
6644. R8 : 0x0000000000000B69 R9 : 0x00000000000010BC R10: 0x0000000000000000
6645. R11: 0x0000000000000246 R12: 0x00000000AEEB1A20 R13: 0x0000000000000001
6646. R14: 0x000000005587E0F0 R15: 0x00000000FFFFFFFF
6647.  
6648. Memory from 0x00000000B6C86D34
6649. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6650. E4 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6651. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6652. E5 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6653. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6654.  
6655. Stack Trace
6656. 0: NtGetContextThread 0x00000014
6657.  
6658.  
6659.  
6660. ------------------------------
6661. THREAD ID: 0x00000B64
6662. got context
6663. Module path: C:\Windows\system32\USER32.dll
6664. PC: 0x0000000085BF21D4 ModuleOffset: 0x00000000B4D221D4
6665. RAX: 0x0000000000000008 RBX: 0x0000000055C7F820 RCX: 0x000000004A283660
6666. RDX: 0x000000004A29C6C0 RDI: 0x00000000483FDB50 RSI: 0x0000000000000000
6667. RSP: 0x0000000055C7F708 RIP: 0x00000000B4D221D4 RBP: 0x000000004A3E94B0
6668. R8 : 0x0000000000000001 R9 : 0x0000000000000002 R10: 0x00000000AC29CB80
6669. R11: 0x00000000B6C8B9D7 R12: 0x00000000000003C0 R13: 0x0000000089680000
6670. R14: 0x0000000055C7F7E8 R15: 0x000000000000AC44
6671.  
6672. Memory from 0x00000000B4D221B4
6673. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6674. 09 10 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6675. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6676. 0A 10 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6677. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6678.  
6679. Stack Trace
6680. 0: InvalidateRect 0x00000054
6681. 1: GetMessageA 0x00000044
6682. 2: alcMakeContextCurrent 0x0000D48A
6683. 3: BaseThreadInitThunk 0x00000022
6684. 4: RtlUserThreadStart 0x00000034
6685.  
6686.  
6687.  
6688. ------------------------------
6689. THREAD ID: 0x00002CB4
6690. got context
6691. Module path: C:\Windows\SYSTEM32\ntdll.dll
6692. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
6693. RAX: 0x0000000030F20000 RBX: 0x0000000000000000 RCX: 0x0000000030F104B0
6694. RDX: 0x0000000030F10070 RDI: 0x0000000000000C7C RSI: 0x00000000000007D0
6695. RSP: 0x000000005647F868 RIP: 0x00000000B6C85164 RBP: 0x0000000000000F00
6696. R8 : 0x0000000000008B50 R9 : 0x00000000000003C0 R10: 0x000000004A2AE574
6697. R11: 0x000000005647F7C0 R12: 0x00000000B475D850 R13: 0x00000000000003C0
6698. R14: 0x000000005647F898 R15: 0x0000000000000000
6699.  
6700. Memory from 0x00000000B6C85144
6701. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6702. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6703. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6704. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6705. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6706.  
6707. Stack Trace
6708. 0: NtWaitForSingleObject 0x00000014
6709. 1: WaitForSingleObjectEx 0x0000008F
6710. 2: alcMakeContextCurrent 0x0000E700
6711. 3: alcMakeContextCurrent 0x00006D3D
6712. 4: BaseThreadInitThunk 0x00000022
6713. 5: RtlUserThreadStart 0x00000034
6714.  
6715.  
6716.  
6717. ------------------------------
6718. THREAD ID: 0x00002684
6719. got context
6720. Module path: C:\Windows\SYSTEM32\ntdll.dll
6721. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
6722. RAX: 0x0000000000000000 RBX: 0x0000000000000003 RCX: 0x0000000073729BF0
6723. RDX: 0x000000004A271800 RDI: 0x0000000000000003 RSI: 0x0000000000000000
6724. RSP: 0x000000005687F628 RIP: 0x00000000B6C85C34 RBP: 0x0000000000000001
6725. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
6726. R11: 0x0000000000000000 R12: 0x00000000FFFFFFFF R13: 0x000000005687F990
6727. R14: 0x0000000000000000 R15: 0x0000000000000000
6728.  
6729. Memory from 0x00000000B6C85C14
6730. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6731. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6732. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6733. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6734. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6735.  
6736. Stack Trace
6737. 0: ZwWaitForMultipleObjects 0x00000014
6738. 1: WaitForMultipleObjectsEx 0x000000EF
6739. 2: WaitForMultipleObjects 0x0000000E
6740. 3: DrvPresentBuffers 0x00023EC6
6741. 4: BaseThreadInitThunk 0x00000022
6742. 5: RtlUserThreadStart 0x00000034
6743.  
6744.  
6745.  
6746. ------------------------------
6747. THREAD ID: 0x00002B04
6748. got context
6749. Module path: C:\Windows\SYSTEM32\ntdll.dll
6750. PC: 0x0000000087B55764 ModuleOffset: 0x00000000B6C85764
6751. RAX: 0x0000000047FFE000 RBX: 0x0000000000000000 RCX: 0x00000000C00000B3
6752. RDX: 0x00000000C00000B3 RDI: 0x0000000000000000 RSI: 0x0000000000000064
6753. RSP: 0x0000000056C7EE78 RIP: 0x00000000B6C85764 RBP: 0x0000000056C7F020
6754. R8 : 0x0000000056C7EEA8 R9 : 0x0000000056C7F020 R10: 0x0000000000000000
6755. R11: 0x0000000000000246 R12: 0x00000000000010BC R13: 0x0000000000000000
6756. R14: 0x0000000056C7EEA0 R15: 0x0000000000000000
6757.  
6758. Memory from 0x00000000B6C85744
6759. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6760. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6761. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6762. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6763. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6764.  
6765. Stack Trace
6766. 0: ZwDelayExecution 0x00000014
6767. 1: SleepEx 0x000000A7
6768. 2: DllMain 0x0001DEB5
6769. 3: BaseThreadInitThunk 0x00000022
6770. 4: RtlUserThreadStart 0x00000034
6771.  
6772.  
6773.  
6774. ------------------------------
6775. THREAD ID: 0x00002078
6776. got context
6777. Module path: C:\Windows\SYSTEM32\ntdll.dll
6778. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
6779. RAX: 0x0000000000000000 RBX: 0x0000000000000007 RCX: 0x0000000000000001
6780. RDX: 0x000000005707F110 RDI: 0x0000000000000007 RSI: 0x0000000000000000
6781. RSP: 0x000000005707F308 RIP: 0x00000000B6C85C34 RBP: 0x0000000000000D98
6782. R8 : 0x0000000000000001 R9 : 0x000000005707F100 R10: 0x0000000047E00000
6783. R11: 0x00000000B6C8B9C7 R12: 0x00000000FFFFFFFF R13: 0x000000005707F640
6784. R14: 0x0000000000000000 R15: 0x0000000000000000
6785.  
6786. Memory from 0x00000000B6C85C14
6787. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6788. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6789. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6790. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6791. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6792.  
6793. Stack Trace
6794. 0: ZwWaitForMultipleObjects 0x00000014
6795. 1: WaitForMultipleObjectsEx 0x000000EF
6796. 2: MsgWaitForMultipleObjects 0x000001E9
6797. 3: MsgWaitForMultipleObjects 0x0000006B
6798. 4: DrvValidateVersion 0x0000383D
6799. 5: BaseThreadInitThunk 0x00000022
6800. 6: RtlUserThreadStart 0x00000034
6801.  
6802.  
6803.  
6804. ------------------------------
6805. THREAD ID: 0x00001810
6806. got context
6807. Module path: C:\Windows\SYSTEM32\ntdll.dll
6808. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
6809. RAX: 0x00000000A0B3E164 RBX: 0x0000000000000000 RCX: 0x0000000044426416
6810. RDX: 0x0000000000000000 RDI: 0x000000000000017C RSI: 0x0000000000004E20
6811. RSP: 0x000000005747F898 RIP: 0x00000000B6C85164 RBP: 0x000000004A20A230
6812. R8 : 0x0000000000000001 R9 : 0x0000000000400000 R10: 0x000000002A221323
6813. R11: 0x0000000000000006 R12: 0x0000000000000000 R13: 0x000000004A20A230
6814. R14: 0x000000005747F8C8 R15: 0x0000000000000000
6815.  
6816. Memory from 0x00000000B6C85144
6817. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6818. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6819. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6820. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6821. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6822.  
6823. Stack Trace
6824. 0: NtWaitForSingleObject 0x00000014
6825. 1: WaitForSingleObjectEx 0x0000008F
6826. 2: GetMetaDataPublicInterfaceFromInternal 0x00008D67
6827. 3: GetMetaDataPublicInterfaceFromInternal 0x00008D1F
6828. 4: GetMetaDataPublicInterfaceFromInternal 0x00008CE0
6829. 5: GetMetaDataPublicInterfaceFromInternal 0x00053AEC
6830. 6: InstallCustomModule 0x00001C7F
6831. 7: BaseThreadInitThunk 0x00000022
6832. 8: RtlUserThreadStart 0x00000034
6833.  
6834.  
6835.  
6836. ------------------------------
6837. THREAD ID: 0x00001500
6838. got context
6839. Module path: C:\Windows\SYSTEM32\ntdll.dll
6840. PC: 0x0000000087B55764 ModuleOffset: 0x00000000B6C85764
6841. RAX: 0x00000000000000C0 RBX: 0x0000000000000001 RCX: 0x0000000000000000
6842. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x00000000FFFFFFFF
6843. RSP: 0x0000000047DCFBA8 RIP: 0x00000000B6C85764 RBP: 0x0000000000000000
6844. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
6845. R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x0000000000000000
6846. R14: 0x0000000047DCFBD0 R15: 0x0000000000000000
6847.  
6848. Memory from 0x00000000B6C85744
6849. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6850. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6851. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6852. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6853. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6854.  
6855. Stack Trace
6856. 0: ZwDelayExecution 0x00000014
6857. 1: SleepEx 0x000000A7
6858. 2: DllCanUnloadNowInternal 0x00003FAD
6859. 3: DllCanUnloadNowInternal 0x00003F5F
6860. 4: BaseThreadInitThunk 0x00000022
6861. 5: RtlUserThreadStart 0x00000034
6862.  
6863.  
6864.  
6865. ------------------------------
6866. THREAD ID: 0x00002CB0
6867. got context
6868. Module path: C:\Windows\SYSTEM32\ntdll.dll
6869. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
6870. RAX: 0x0000000000000000 RBX: 0x0000000000000002 RCX: 0x0000000000000FE0
6871. RDX: 0x0000000000000000 RDI: 0x0000000000000002 RSI: 0x0000000000000001
6872. RSP: 0x000000005787EC88 RIP: 0x00000000B6C85C34 RBP: 0x000000005787F099
6873. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFF8 R10: 0x00000000FFFFFFFF
6874. R11: 0x000000003339DFE0 R12: 0x0000000000017F4C R13: 0x000000005787F1C0
6875. R14: 0x000000005787ECE0 R15: 0x0000000000000000
6876.  
6877. Memory from 0x00000000B6C85C14
6878. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6879. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6880. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6881. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6882. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6883.  
6884. Stack Trace
6885. 0: ZwWaitForMultipleObjects 0x00000014
6886. 1: WaitForMultipleObjectsEx 0x000000EF
6887. 2: GetMetaDataPublicInterfaceFromInternal 0x0003A95E
6888. 3: GetMetaDataPublicInterfaceFromInternal 0x0003A7F8
6889. 4: GetMetaDataPublicInterfaceFromInternal 0x0003A5F1
6890. 5: TranslateSecurityAttributes 0x001ABCCF
6891. 12: DllCanUnloadNowInternal 0x00000BE3
6892. 13: DllCanUnloadNowInternal 0x00000AA3
6893. 14: DllCanUnloadNowInternal 0x000012F5
6894. 15: GetPrivateContextsPerfCounters 0x00007B79
6895. 16: DllCanUnloadNowInternal 0x000019A9
6896. 17: DllCanUnloadNowInternal 0x00001924
6897. 18: DllCanUnloadNowInternal 0x00001862
6898. 19: DllCanUnloadNowInternal 0x000019E3
6899. 20: GetPrivateContextsPerfCounters 0x00007A5B
6900. 21: InstallCustomModule 0x00001C7F
6901. 22: BaseThreadInitThunk 0x00000022
6902. 23: RtlUserThreadStart 0x00000034
6903.  
6904.  
6905.  
6906. ------------------------------
6907. THREAD ID: 0x00001964
6908. got context
6909. Module path: C:\Windows\SYSTEM32\ntdll.dll
6910. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
6911. RAX: 0x0000000000000001 RBX: 0x0000000000000000 RCX: 0x00000000B6C85764
6912. RDX: 0x0000000000000000 RDI: 0x0000000000000608 RSI: 0x0000000000004E20
6913. RSP: 0x0000000057C7F8A8 RIP: 0x00000000B6C85164 RBP: 0x0000000057C7FA30
6914. R8 : 0x0000000057C7F938 R9 : 0x0000000000000000 R10: 0x0000000000000000
6915. R11: 0x0000000000000246 R12: 0x0000000000000001 R13: 0x0000000000000000
6916. R14: 0x0000000057C7F8D8 R15: 0x00000000FFFF0000
6917.  
6918. Memory from 0x00000000B6C85144
6919. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6920. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6921. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6922. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6923. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6924.  
6925. Stack Trace
6926. 0: NtWaitForSingleObject 0x00000014
6927. 1: WaitForSingleObjectEx 0x0000008F
6928. 2: DllCanUnloadNowInternal 0x00002202
6929. 3: DllCanUnloadNowInternal 0x0000237F
6930. 4: DllCanUnloadNowInternal 0x000023EA
6931. 5: InstallCustomModule 0x00001C7F
6932. 6: BaseThreadInitThunk 0x00000022
6933. 7: RtlUserThreadStart 0x00000034
6934.  
6935.  
6936.  
6937. ------------------------------
6938. THREAD ID: 0x00002998
6939. Did NOT get context (Error: 0x00000000)
6940.  
6941.  
6942.  
6943. ------------------------------
6944. THREAD ID: 0x0000372C
6945. got context
6946. Module path: C:\Windows\SYSTEM32\ntdll.dll
6947. PC: 0x0000000087B55204 ModuleOffset: 0x00000000B6C85204
6948. RAX: 0x00000000FBEDC3E8 RBX: 0x0000000058C7F6C8 RCX: 0x000000005E98C3E9
6949. RDX: 0x00000000A35E98C3 RDI: 0x0000000058C7F738 RSI: 0x0000000080010000
6950. RSP: 0x0000000058C7F618 RIP: 0x00000000B6C85204 RBP: 0x0000000058C7F6E0
6951. R8 : 0x000000000000005F R9 : 0x000000000000005F R10: 0x0000000000000000
6952. R11: 0x0000000058C7E8B0 R12: 0x0000000000000000 R13: 0x0000000000000000
6953. R14: 0x0000000000000000 R15: 0x0000000000000000
6954.  
6955. Memory from 0x00000000B6C851E4
6956. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6957. 09 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6958. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6959. 0A 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6960. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6961.  
6962. Stack Trace
6963. 0: NtRemoveIoCompletion 0x00000014
6964. 1: GetQueuedCompletionStatus 0x00000052
6965. 2: GetMetaDataPublicInterfaceFromInternal 0x00029FCC
6966. 3: InstallCustomModule 0x00001C7F
6967. 4: BaseThreadInitThunk 0x00000022
6968. 5: RtlUserThreadStart 0x00000034
6969.  
6970.  
6971.  
6972. ------------------------------
6973. THREAD ID: 0x00002AD4
6974. got context
6975. Module path: C:\Windows\SYSTEM32\ntdll.dll
6976. PC: 0x0000000087B55764 ModuleOffset: 0x00000000B6C85764
6977. RAX: 0x0000000000000001 RBX: 0x0000000000000001 RCX: 0x0000000000016170
6978. RDX: 0x0000000000002000 RDI: 0x0000000000000000 RSI: 0x000000000000003E
6979. RSP: 0x000000005907E958 RIP: 0x00000000B6C85764 RBP: 0x000000000000003E
6980. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFFF R10: 0x00000000A4E48258
6981. R11: 0x0000000000000018 R12: 0x0000000000000000 R13: 0x000000005907EF70
6982. R14: 0x000000005907E980 R15: 0x0000000000000000
6983.  
6984. Memory from 0x00000000B6C85744
6985. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6986. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6987. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6988. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
6989. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
6990.  
6991. Stack Trace
6992. 0: ZwDelayExecution 0x00000014
6993. 1: SleepEx 0x000000A7
6994. 2: LogHelp_LogAssert 0x00000B13
6995. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
6996. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
6997. 12: DllCanUnloadNowInternal 0x00000BE3
6998. 13: DllCanUnloadNowInternal 0x00000AA3
6999. 14: DllCanUnloadNowInternal 0x000012F5
7000. 15: GetPrivateContextsPerfCounters 0x00007B79
7001. 16: DllCanUnloadNowInternal 0x000019A9
7002. 17: DllCanUnloadNowInternal 0x00001924
7003. 18: DllCanUnloadNowInternal 0x00001862
7004. 19: DllCanUnloadNowInternal 0x000019E3
7005. 20: GetPrivateContextsPerfCounters 0x00007A5B
7006. 21: InstallCustomModule 0x00001C7F
7007. 22: BaseThreadInitThunk 0x00000022
7008. 23: RtlUserThreadStart 0x00000034
7009.  
7010.  
7011.  
7012. ------------------------------
7013. THREAD ID: 0x00002868
7014. got context
7015. Module path: C:\Windows\SYSTEM32\ntdll.dll
7016. PC: 0x0000000087B55764 ModuleOffset: 0x00000000B6C85764
7017. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x00000000A468CC2A
7018. RDX: 0x00000000A4500000 RDI: 0x0000000000000000 RSI: 0x000000000000003E
7019. RSP: 0x000000005947EB38 RIP: 0x00000000B6C85764 RBP: 0x000000000000003E
7020. R8 : 0x000000004A109568 R9 : 0x00000000FFFFFFFF R10: 0x0000000000000000
7021. R11: 0x0000000000000018 R12: 0x0000000000000000 R13: 0x000000005947F150
7022. R14: 0x000000005947EB60 R15: 0x0000000000000000
7023.  
7024. Memory from 0x00000000B6C85744
7025. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7026. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7027. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7028. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7029. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7030.  
7031. Stack Trace
7032. 0: ZwDelayExecution 0x00000014
7033. 1: SleepEx 0x000000A7
7034. 2: LogHelp_LogAssert 0x00000B13
7035. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
7036. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
7037. 12: DllCanUnloadNowInternal 0x00000BE3
7038. 13: DllCanUnloadNowInternal 0x00000AA3
7039. 14: DllCanUnloadNowInternal 0x000012F5
7040. 15: GetPrivateContextsPerfCounters 0x00007B79
7041. 16: DllCanUnloadNowInternal 0x000019A9
7042. 17: DllCanUnloadNowInternal 0x00001924
7043. 18: DllCanUnloadNowInternal 0x00001862
7044. 19: DllCanUnloadNowInternal 0x000019E3
7045. 20: GetPrivateContextsPerfCounters 0x00007A5B
7046. 21: InstallCustomModule 0x00001C7F
7047. 22: BaseThreadInitThunk 0x00000022
7048. 23: RtlUserThreadStart 0x00000034
7049.  
7050.  
7051.  
7052. ------------------------------
7053. THREAD ID: 0x000019F4
7054. got context
7055. Module path: C:\Windows\SYSTEM32\ntdll.dll
7056. PC: 0x0000000087B55764 ModuleOffset: 0x00000000B6C85764
7057. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000001
7058. RDX: 0x0000000000000090 RDI: 0x0000000000000000 RSI: 0x000000000000003E
7059. RSP: 0x000000005987EB98 RIP: 0x00000000B6C85764 RBP: 0x000000000000003E
7060. R8 : 0x000000000000003E R9 : 0x000000000000003E R10: 0x0000000000000000
7061. R11: 0x000000005987EE10 R12: 0x0000000000000000 R13: 0x000000005987F1B0
7062. R14: 0x000000005987EBC0 R15: 0x0000000000000000
7063.  
7064. Memory from 0x00000000B6C85744
7065. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7066. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7067. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7068. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7069. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7070.  
7071. Stack Trace
7072. 0: ZwDelayExecution 0x00000014
7073. 1: SleepEx 0x000000A7
7074. 2: LogHelp_LogAssert 0x00000B13
7075. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
7076. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
7077. 12: DllCanUnloadNowInternal 0x00000BE3
7078. 13: DllCanUnloadNowInternal 0x00000AA3
7079. 14: DllCanUnloadNowInternal 0x000012F5
7080. 15: GetPrivateContextsPerfCounters 0x00007B79
7081. 16: DllCanUnloadNowInternal 0x000019A9
7082. 17: DllCanUnloadNowInternal 0x00001924
7083. 18: DllCanUnloadNowInternal 0x00001862
7084. 19: DllCanUnloadNowInternal 0x000019E3
7085. 20: GetPrivateContextsPerfCounters 0x00007A5B
7086. 21: InstallCustomModule 0x00001C7F
7087. 22: BaseThreadInitThunk 0x00000022
7088. 23: RtlUserThreadStart 0x00000034
7089.  
7090.  
7091.  
7092. ------------------------------
7093. THREAD ID: 0x000015D4
7094. got context
7095. Module path: C:\Windows\SYSTEM32\ntdll.dll
7096. PC: 0x0000000087B55764 ModuleOffset: 0x00000000B6C85764
7097. RAX: 0x000000004111B898 RBX: 0x0000000000000001 RCX: 0x000000004509AA90
7098. RDX: 0x0000000044F90A88 RDI: 0x0000000000000000 RSI: 0x000000000000003E
7099. RSP: 0x0000000059C7EDB8 RIP: 0x00000000B6C85764 RBP: 0x000000000000003E
7100. R8 : 0x0000000000002000 R9 : 0x00000000FFFFFFFF R10: 0x0000000038B7E9A8
7101. R11: 0x000000004A20B1D0 R12: 0x0000000000000000 R13: 0x0000000059C7F3D0
7102. R14: 0x0000000059C7EDE0 R15: 0x0000000000000000
7103.  
7104. Memory from 0x00000000B6C85744
7105. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7106. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7107. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7108. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7109. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7110.  
7111. Stack Trace
7112. 0: ZwDelayExecution 0x00000014
7113. 1: SleepEx 0x000000A7
7114. 2: LogHelp_LogAssert 0x00000B13
7115. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
7116. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
7117. 12: DllCanUnloadNowInternal 0x00000BE3
7118. 13: DllCanUnloadNowInternal 0x00000AA3
7119. 14: DllCanUnloadNowInternal 0x000012F5
7120. 15: GetPrivateContextsPerfCounters 0x00007B79
7121. 16: DllCanUnloadNowInternal 0x000019A9
7122. 17: DllCanUnloadNowInternal 0x00001924
7123. 18: DllCanUnloadNowInternal 0x00001862
7124. 19: DllCanUnloadNowInternal 0x000019E3
7125. 20: GetPrivateContextsPerfCounters 0x00007A5B
7126. 21: InstallCustomModule 0x00001C7F
7127. 22: BaseThreadInitThunk 0x00000022
7128. 23: RtlUserThreadStart 0x00000034
7129.  
7130.  
7131.  
7132. ------------------------------
7133. THREAD ID: 0x00001848
7134. got context
7135. Module path: C:\Windows\SYSTEM32\ntdll.dll
7136. PC: 0x0000000087B55764 ModuleOffset: 0x00000000B6C85764
7137. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000000BC0
7138. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x000000000000003E
7139. RSP: 0x000000005A0BE588 RIP: 0x00000000B6C85764 RBP: 0x000000000000003E
7140. R8 : 0x0000000000002000 R9 : 0x0000000000000000 R10: 0x00000000A4E48258
7141. R11: 0x0000000038BD2E60 R12: 0x0000000000000000 R13: 0x000000005A0BEBA0
7142. R14: 0x000000005A0BE5B0 R15: 0x0000000000000000
7143.  
7144. Memory from 0x00000000B6C85744
7145. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7146. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7147. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7148. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7149. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7150.  
7151. Stack Trace
7152. 0: ZwDelayExecution 0x00000014
7153. 1: SleepEx 0x000000A7
7154. 2: LogHelp_LogAssert 0x00000B13
7155. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
7156. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
7157. 12: DllCanUnloadNowInternal 0x00000BE3
7158. 13: DllCanUnloadNowInternal 0x00000AA3
7159. 14: DllCanUnloadNowInternal 0x000012F5
7160. 15: GetPrivateContextsPerfCounters 0x00007B79
7161. 16: DllCanUnloadNowInternal 0x000019A9
7162. 17: DllCanUnloadNowInternal 0x00001924
7163. 18: DllCanUnloadNowInternal 0x00001862
7164. 19: DllCanUnloadNowInternal 0x000019E3
7165. 20: GetPrivateContextsPerfCounters 0x00007A5B
7166. 21: InstallCustomModule 0x00001C7F
7167. 22: BaseThreadInitThunk 0x00000022
7168. 23: RtlUserThreadStart 0x00000034
7169.  
7170.  
7171.  
7172. ------------------------------
7173. THREAD ID: 0x00002D04
7174. got context
7175. Module path: C:\Windows\SYSTEM32\ntdll.dll
7176. PC: 0x0000000087B55764 ModuleOffset: 0x00000000B6C85764
7177. RAX: 0x0000000000000000 RBX: 0x0000000000000001 RCX: 0x0000000000001000
7178. RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x000000000000003E
7179. RSP: 0x000000005A4BE548 RIP: 0x00000000B6C85764 RBP: 0x000000000000003E
7180. R8 : 0x000000000000003E R9 : 0x000000005A4BE600 R10: 0x0000000000000000
7181. R11: 0x000000005A4BE848 R12: 0x0000000000000000 R13: 0x000000005A4BEB60
7182. R14: 0x000000005A4BE570 R15: 0x0000000000000000
7183.  
7184. Memory from 0x00000000B6C85744
7185. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7186. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7187. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7188. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7189. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7190.  
7191. Stack Trace
7192. 0: ZwDelayExecution 0x00000014
7193. 1: SleepEx 0x000000A7
7194. 2: LogHelp_LogAssert 0x00000B13
7195. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
7196. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
7197. 12: DllCanUnloadNowInternal 0x00000BE3
7198. 13: DllCanUnloadNowInternal 0x00000AA3
7199. 14: DllCanUnloadNowInternal 0x000012F5
7200. 15: GetPrivateContextsPerfCounters 0x00007B79
7201. 16: DllCanUnloadNowInternal 0x000019A9
7202. 17: DllCanUnloadNowInternal 0x00001924
7203. 18: DllCanUnloadNowInternal 0x00001862
7204. 19: DllCanUnloadNowInternal 0x000019E3
7205. 20: GetPrivateContextsPerfCounters 0x00007A5B
7206. 21: InstallCustomModule 0x00001C7F
7207. 22: BaseThreadInitThunk 0x00000022
7208. 23: RtlUserThreadStart 0x00000034
7209.  
7210.  
7211.  
7212. ------------------------------
7213. THREAD ID: 0x00002AC8
7214. got context
7215. Module path: C:\Windows\SYSTEM32\ntdll.dll
7216. PC: 0x0000000087B55C34 ModuleOffset: 0x00000000B6C85C34
7217. RAX: 0x0000000000000000 RBX: 0x0000000000000002 RCX: 0x00000000ACF39230
7218. RDX: 0x00000000558634D0 RDI: 0x0000000000000002 RSI: 0x0000000000000000
7219. RSP: 0x000000005A8BF9C8 RIP: 0x00000000B6C85C34 RBP: 0x0000000000001248
7220. R8 : 0x0000000000000000 R9 : 0x0000000000000000 R10: 0x0000000000000000
7221. R11: 0x0000000000000000 R12: 0x00000000FFFFFFFF R13: 0x000000005A8BFD00
7222. R14: 0x0000000000000000 R15: 0x0000000000000000
7223.  
7224. Memory from 0x00000000B6C85C14
7225. FF 66 66 66 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7226. 5B 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7227. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7228. 5C 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7229. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7230.  
7231. Stack Trace
7232. 0: ZwWaitForMultipleObjects 0x00000014
7233. 1: WaitForMultipleObjectsEx 0x000000EF
7234. 2: MsgWaitForMultipleObjects 0x000001E9
7235. 3: MsgWaitForMultipleObjects 0x0000006B
7236. 4: GdiplusStartup 0x00002753
7237. 5: GdiplusStartup 0x000026C4
7238. 6: BaseThreadInitThunk 0x00000022
7239. 7: RtlUserThreadStart 0x00000034
7240.  
7241.  
7242.  
7243. ------------------------------
7244. THREAD ID: 0x00001D10
7245. got context
7246. Module path: C:\Windows\SYSTEM32\ntdll.dll
7247. PC: 0x0000000087B55764 ModuleOffset: 0x00000000B6C85764
7248. RAX: 0x0000000000000050 RBX: 0x0000000000000001 RCX: 0x0000000000000040
7249. RDX: 0x000000007C74B360 RDI: 0x0000000000000000 RSI: 0x00000000000007D0
7250. RSP: 0x000000005ACBE7C8 RIP: 0x00000000B6C85764 RBP: 0x00000000000007D0
7251. R8 : 0x00000000311E850C R9 : 0x0000000000000000 R10: 0x0000000000000032
7252. R11: 0x000000004D3FD610 R12: 0x0000000000000000 R13: 0x000000005ACBECF0
7253. R14: 0x000000005ACBE7F0 R15: 0x0000000000000000
7254.  
7255. Memory from 0x00000000B6C85744
7256. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7257. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7258. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7259. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7260. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7261.  
7262. Stack Trace
7263. 0: ZwDelayExecution 0x00000014
7264. 1: SleepEx 0x000000A7
7265. 2: LogHelp_LogAssert 0x00000B13
7266. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
7267. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
7268. 11: DllCanUnloadNowInternal 0x00000BE3
7269. 12: DllCanUnloadNowInternal 0x00000AA3
7270. 13: DllCanUnloadNowInternal 0x000012F5
7271. 14: GetPrivateContextsPerfCounters 0x00007B79
7272. 15: DllCanUnloadNowInternal 0x000019A9
7273. 16: DllCanUnloadNowInternal 0x00001924
7274. 17: DllCanUnloadNowInternal 0x00001862
7275. 18: DllCanUnloadNowInternal 0x000019E3
7276. 19: GetPrivateContextsPerfCounters 0x00007A5B
7277. 20: InstallCustomModule 0x00001C7F
7278. 21: BaseThreadInitThunk 0x00000022
7279. 22: RtlUserThreadStart 0x00000034
7280.  
7281.  
7282.  
7283. ------------------------------
7284. THREAD ID: 0x000028D0
7285. got context
7286. Module path: C:\Windows\SYSTEM32\ntdll.dll
7287. PC: 0x0000000087B55764 ModuleOffset: 0x00000000B6C85764
7288. RAX: 0x0000000038AB88F0 RBX: 0x0000000000000001 RCX: 0x0000000038AB86A8
7289. RDX: 0x0000000035C664D0 RDI: 0x0000000000000000 RSI: 0x00000000000007D0
7290. RSP: 0x000000005B0FEBE8 RIP: 0x00000000B6C85764 RBP: 0x00000000000007D0
7291. R8 : 0x000000000000003A R9 : 0x0000000000000060 R10: 0x0000000038AB9168
7292. R11: 0x000000004D3FA730 R12: 0x0000000000000000 R13: 0x000000005B0FF110
7293. R14: 0x000000005B0FEC10 R15: 0x0000000000000000
7294.  
7295. Memory from 0x00000000B6C85744
7296. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7297. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7298. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7299. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7300. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7301.  
7302. Stack Trace
7303. 0: ZwDelayExecution 0x00000014
7304. 1: SleepEx 0x000000A7
7305. 2: LogHelp_LogAssert 0x00000B13
7306. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
7307. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
7308. 11: DllCanUnloadNowInternal 0x00000BE3
7309. 12: DllCanUnloadNowInternal 0x00000AA3
7310. 13: DllCanUnloadNowInternal 0x000012F5
7311. 14: GetPrivateContextsPerfCounters 0x00007B79
7312. 15: DllCanUnloadNowInternal 0x000019A9
7313. 16: DllCanUnloadNowInternal 0x00001924
7314. 17: DllCanUnloadNowInternal 0x00001862
7315. 18: DllCanUnloadNowInternal 0x000019E3
7316. 19: GetPrivateContextsPerfCounters 0x00007A5B
7317. 20: InstallCustomModule 0x00001C7F
7318. 21: BaseThreadInitThunk 0x00000022
7319. 22: RtlUserThreadStart 0x00000034
7320.  
7321.  
7322.  
7323. ------------------------------
7324. THREAD ID: 0x00001C04
7325. got context
7326. Module path: C:\Windows\SYSTEM32\ntdll.dll
7327. PC: 0x0000000087B55764 ModuleOffset: 0x00000000B6C85764
7328. RAX: 0x0000000000C00D19 RBX: 0x0000000000000001 RCX: 0x000000000000003E
7329. RDX: 0x0000000000000001 RDI: 0x0000000000000000 RSI: 0x000000000000003E
7330. RSP: 0x000000005B4FE638 RIP: 0x00000000B6C85764 RBP: 0x000000000000003E
7331. R8 : 0x0000000004000000 R9 : 0x000000004A10BC10 R10: 0x0000000000000000
7332. R11: 0x000000004A10BC10 R12: 0x0000000000000000 R13: 0x000000005B4FEC50
7333. R14: 0x000000005B4FE660 R15: 0x0000000000000000
7334.  
7335. Memory from 0x00000000B6C85744
7336. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7337. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7338. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7339. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7340. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7341.  
7342. Stack Trace
7343. 0: ZwDelayExecution 0x00000014
7344. 1: SleepEx 0x000000A7
7345. 2: LogHelp_LogAssert 0x00000B13
7346. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
7347. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
7348. 12: DllCanUnloadNowInternal 0x00000BE3
7349. 13: DllCanUnloadNowInternal 0x00000AA3
7350. 14: DllCanUnloadNowInternal 0x000012F5
7351. 15: GetPrivateContextsPerfCounters 0x00007B79
7352. 16: DllCanUnloadNowInternal 0x000019A9
7353. 17: DllCanUnloadNowInternal 0x00001924
7354. 18: DllCanUnloadNowInternal 0x00001862
7355. 19: DllCanUnloadNowInternal 0x000019E3
7356. 20: GetPrivateContextsPerfCounters 0x00007A5B
7357. 21: InstallCustomModule 0x00001C7F
7358. 22: BaseThreadInitThunk 0x00000022
7359. 23: RtlUserThreadStart 0x00000034
7360.  
7361.  
7362.  
7363. ------------------------------
7364. THREAD ID: 0x00002720
7365. got context
7366. Module path: C:\Windows\SYSTEM32\ntdll.dll
7367. PC: 0x0000000087B55764 ModuleOffset: 0x00000000B6C85764
7368. RAX: 0x000000005B8FE468 RBX: 0x0000000000000001 RCX: 0x000000000000003E
7369. RDX: 0x0000000000000001 RDI: 0x0000000000000000 RSI: 0x000000000000003E
7370. RSP: 0x000000005B8FE398 RIP: 0x00000000B6C85764 RBP: 0x000000000000003E
7371. R8 : 0x0000000000000001 R9 : 0x000000004A10CBB0 R10: 0x0000000000000000
7372. R11: 0x000000004A10CBB0 R12: 0x0000000000000000 R13: 0x000000005B8FE9B0
7373. R14: 0x000000005B8FE3C0 R15: 0x0000000000000000
7374.  
7375. Memory from 0x00000000B6C85744
7376. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7377. 34 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7378. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7379. 35 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7380. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7381.  
7382. Stack Trace
7383. 0: ZwDelayExecution 0x00000014
7384. 1: SleepEx 0x000000A7
7385. 2: LogHelp_LogAssert 0x00000B13
7386. 3: GetMetaDataPublicInterfaceFromInternal 0x00008830
7387. 4: GetMetaDataPublicInterfaceFromInternal 0x0000870D
7388. 12: DllCanUnloadNowInternal 0x00000BE3
7389. 13: DllCanUnloadNowInternal 0x00000AA3
7390. 14: DllCanUnloadNowInternal 0x000012F5
7391. 15: GetPrivateContextsPerfCounters 0x00007B79
7392. 16: DllCanUnloadNowInternal 0x000019A9
7393. 17: DllCanUnloadNowInternal 0x00001924
7394. 18: DllCanUnloadNowInternal 0x00001862
7395. 19: DllCanUnloadNowInternal 0x000019E3
7396. 20: GetPrivateContextsPerfCounters 0x00007A5B
7397. 21: InstallCustomModule 0x00001C7F
7398. 22: BaseThreadInitThunk 0x00000022
7399. 23: RtlUserThreadStart 0x00000034
7400.  
7401.  
7402.  
7403. ------------------------------
7404. THREAD ID: 0x00002C70
7405. got context
7406. Module path: C:\Windows\SYSTEM32\ntdll.dll
7407. PC: 0x0000000087B55164 ModuleOffset: 0x00000000B6C85164
7408. RAX: 0x0000000000000000 RBX: 0x0000000000000000 RCX: 0x00000000B6C85164
7409. RDX: 0x0000000000000000 RDI: 0x00000000000011B4 RSI: 0x00000000FFFFFFFF
7410. RSP: 0x000000005B93FA68 RIP: 0x00000000B6C85164 RBP: 0x000000005B93FC00
7411. R8 : 0x000000005B93FA68 R9 : 0x000000005B93FC00 R10: 0x0000000000000000
7412. R11: 0x0000000000000246 R12: 0x0000000000000000 R13: 0x0000000000000000
7413. R14: 0x0000000000000000 R15: 0x0000000000000000
7414.  
7415. Memory from 0x00000000B6C85144
7416. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7417. 04 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7418. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7419. 05 00 00 00 F6 04 25 08 03 FE 7F 01 75 03 0F 05
7420. C3 CD 2E C3 0F 1F 84 00 00 00 00 00 4C 8B D1 B8
7421.  
7422. Stack Trace
7423. 0: NtWaitForSingleObject 0x00000014
7424. 1: WaitForSingleObjectEx 0x0000008F
7425. 2: DllCanUnloadNowInternal 0x000007C7
7426. 3: BaseThreadInitThunk 0x00000022
7427. 4: RtlUserThreadStart 0x00000034